Adobe Updates Flash Player to Fix Critical Vulnerability

Adobe may have deprecated Flash in favor of HTML5, but that doesn't mean everyone has stopped using it nor have hackers stopped looking for vulnerabilities.

Adobe released a new critical security on Thursday which fixes a zero-day flaw in Adobe Flash Player. According to the release notes, the vulnerability, could be exploited to "cause a crash and potentially allow an attacker to take control of the affected system".

6167255518_7949376c48[1]

Adobe says that the exploit is in use by hackers, and they're not kidding. Apparently the vulnerability was identified by a researcher who found it in a malware toolkit last week:

The Angler exploit kit is one of the most popular crimeware kit and according to the French security researcher Kafeine it was enriched with a fresh Adobe Flashzero-day vulnerability. Kafeine has discovered a new variant of the Angler exploit kit that exploit three different vulnerabilities in Flash Player, including the zero-day flaw for the latest version of Flash (version 16.0.0.257) in several versions of Internet Explorer running on Windows 7 and Windows 8.

The security hole affects computers running Linux, OSX, and Windows, although the researchers have only identified the exploit being used against computers running Windows XP, 7, and 8. But since it's already being actively exploited you're definitely going to want update Flash Player.

If you have automatic updates enabled then Adobe will be rolling the update out to you. But just to be safe, you should probably check with Adobe and see if you have the latest version of Flash Player for your system.

According to this page, I'm good. Are you?

You can download the update here.

Adobe via Security Affairs

image by smswigart

About Nate Hoffelder (11588 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader:"I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

3 Comments on Adobe Updates Flash Player to Fix Critical Vulnerability

  1. I’m confused. When I checked the link you give to identify my version of flash player, I’m told that I have 16.0.0.296. Wouldn’t that be more advanced than the 16.0.087?

1 Trackbacks & Pingbacks

  1. Forbes Website Was Hacked in Targeted Attack on Its Visitors ⋆ Ink, Bits, & Pixels

Leave a comment

Your email address will not be published.


*