Critical Flash Player Hole Closed

Monday, May 7, 2012 @ 08:05 AM gHale

Attacks centered on Adobe’s Flash Player are in play just as the company released a security advisory relating to an object confusion vulnerability that could allow an attacker to crash the player or take control of an affected system.

Exploits are hitting the cyber street as part of targeted email-based attacks which trick the user into clicking on a malicious file. While this exploit only targets Flash Player on Internet Explorer on Windows, the vulnerability does exist on Windows, Mac OS X, Linux and Android versions of the player.

Adobe Patches Flash Player, Again
Adobe Patches ColdFusion Flaw
Flash Player Flaws Fixed
Adobe Patches Flash Player, Again

An update to Adobe Flash Player on Windows, Mac OS X and Linux should apply to anyone running version or earlier. For verification on which version of Flash player is on the machine, visit the Flash Player About page. Windows users should be able to also activate the silent update recently introduced to Flash Player.

Google Chrome’s Flash Player has already updated automatically. Android users should, depending on their version of Android, update their players; Android 4.0 users running and earlier should update to and Android 3.0 users running and earlier should update to In either case, users should browse to Google Play and its Flash Player page for the update.

Leave a Reply

You must be logged in to post a comment.