|22 Aug 2012||#1|
| || |
Flash Player vulnerable again a week after patching
Here we go again folks.....they've released another patch
Adobe has released yet another security update for Flash Player, to address a new set of six vulnerabilities that even affect the company's most recent patch that was issued just last week.
Last week, Adobe urged Windows and Mac users to upgrade Flash Player to 11.3.300.271 and Linux users to upgrade to 188.8.131.52, to mitigate a vulnerability that was being exploited in the wild; victims would open a Microsoft Word document and become infected, or would be compromised via the ActiveX version of Flash Player for Internet Explorer. This vulnerability could cause the computer to crash and potentially allow attackers to take control.
Today, Symantec confirmed that attacks were indeed being carried out, observing over 1300 instances of malicious emails since 10 August. It pointed users to the 11.3.300.271 patch and urged them to keep their systems up to date.
But this patch is no longer effective against yet another set of vulnerabilities that affect all versions of Flash Player, including Android 4.x, 3.x and 2.x. Like the previous vulnerability, these could allow attackers to crash and take control of the targeted computer or device and has earned Adobe's highest severity rating of critical, leading Adobe to release a new patch only a week after the last.
Adobe has assigned the new Windows patch with a Priority 1 rating. This means that the company believes that the vulnerability is either being targeted, or has a high risk of being targeted, by an exploit that is available in the wild. It recommends updating to the newer 11.4.402.265 version of Flash Player as soon as possible.
The patch for Macs has a lower Priority 2 rating, meaning there are no known exploits in the wild, while Linux and Android have been assigned Priority 3. Adobe suggests users use their own discretion for these systems, as they are typically not targeted.
Adobe also released critical patches for its Windows, Macintosh, Android and the SDK (which includes AIR for iOS) versions of Adobe AIR, with a Priority 3 rating.
|My System Specs|
|Similar help and support threads for2: Flash Player vulnerable again a week after patching|
|Another week, another flash exploit.||Music, Pictures & Video|
|Adobe to fix Flash Player hole this week||Security News|
|Critical Flash flaw won't be fixed until next week||Security News|
|Users Remain Vulnerable to Flash Exploits After Upgrading Flash Player||System Security|
|flash player in win 7||Software|
|Flash Player Help||Browsers & Mail|