February 8, 2013
Security Issue Affects both OS X and Windows Users
Java is not the only software to be targeted by malware and hackers — Adobe Flash Player is also under attack.
Adobe has released an update to fix two zero-day exploits in Flash that affect both OS X and Windows operating systems.
Targeted attacks have been designed to trick Windows users into opening a Microsoft Word document delivered as an e-mail attachment. The attachment contains malicious Flash content.
The vulnerabilities also allow malicious Flash content on websites to transport malware to OS X users through either Firefox or Safari.
Adobe said the updates, released Feb. 7, address vulnerabilities that could cause a user’s computer to crash and potentially allow an attacker to take control of the affected system.
Adobe is recommending users update their product installations to the latest versions immediately via the official Flash Web page or through the Flash updater already on users’ systems.
Some of the updates are more critical than others — Adobe has rated them in the table below:
|Adobe Flash Player||11.5.502.149||Windows and Macintosh||1|
|18.104.22.168||Android 3.x and 2.x||3|
The following is a list of the compromised versions of Flash Player and the version users should upgrade to:
• Users of Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 11.5.502.149.
• Users of Adobe Flash Player 22.214.171.1241 and earlier versions for Linux should update to Adobe Flash Player 126.96.36.1992.
• Flash Player installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 188.8.131.52 for Windows, Macintosh and Linux.
• Flash Player installed with Internet Explorer 10 for Windows 8 will automatically be updated to the latest version of Internet Explorer 10, which will include Adobe Flash Player 11.3.379.14 for Windows.
• Users of Adobe Flash Player 184.108.40.206 and earlier versions on Android 4.x devices should update to Adobe Flash Player 220.127.116.11.
• Users of Adobe Flash Player 18.104.22.168 and earlier versions for Android 3.x and earlier versions should update to Flash Player 22.214.171.124.
Users can click here to determine the version of Flash Player their computers are using.
To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.