May 04, 2012

Flash flaw being used to deliver email based attacks

Adobe on Friday issued an emergency patch for a critical bug in its Flash Player software that is being used in targeted malware attacks.

Updating to Flash version 11.2.202.235 for Windows, Macintosh and Linux closes an "object confusion" vulnerability that, if exploited, could cause an application crash or, worse, lead to the takeover of a system, according to a bulletin.

Adversaries currently are delivering emails containing the exploit as part of an attachment. Right now, only users of Internet Explorer for Windows are being hit.

Flash for Android-based mobile devices also have been updated. If the software is installed on Google's Chrome browser, it automatically was updated so users don't need to take any action.

Users are advised to patch as soon as possible.

Related Articles
Related Topics

More in News

California law would require breach notice if online account information is stolen

The new legislation would amend the definition of "personal information" under the state's breach notification law.

Liable to attack: Cyber insurance can help organizations cover the cost of breaches

Liable to attack: Cyber insurance can help organizations ...

Everyone is familiar with health, flood, car and life insurance, but what happens when the digital equivalent of a disaster strikes? Some entities may want this peace of mind, but ...

22M accounts exposed in Yahoo Japan breach

22M accounts exposed in Yahoo Japan breach

Users have been urged to change their passwords as a precaution.