Flash flaw being used to deliver email based attacks

Share this article:

Adobe on Friday issued an emergency patch for a critical bug in its Flash Player software that is being used in targeted malware attacks.

Updating to Flash version 11.2.202.235 for Windows, Macintosh and Linux closes an "object confusion" vulnerability that, if exploited, could cause an application crash or, worse, lead to the takeover of a system, according to a bulletin.

Adversaries currently are delivering emails containing the exploit as part of an attachment. Right now, only users of Internet Explorer for Windows are being hit.

Flash for Android-based mobile devices also have been updated. If the software is installed on Google's Chrome browser, it automatically was updated so users don't need to take any action.

Users are advised to patch as soon as possible.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Judge lifts stay but Microsoft won't hand over emails during appeal

A judge has lifted a suspension of a previous order compelling Microsoft to hand over customer emails stored on a server in Ireland.

Security foundation also warns of Netis router backdoor

Trend Micro first alerted the public to the backdoor affecting Netis and Netcore brand routers.

FBI, Apple investigate celebrity photo hacking incident

FBI, Apple investigate celebrity photo hacking incident

Reports surfaced that iCloud vulnerabilities may have allowed hackers to obtain personal photos, including nude images, of over 100 celebrities.