Adobe Flash Player Gets Security Update: Watch For Those Exploits

rated by 0 users
This post has 3 Replies | 0 Followers

Top 10 Contributor
Posts 26,356
Points 1,191,615
Joined: Sep 2007
ForumsAdministrator
News Posted: Sat, May 5 2012 10:44 PM
If you're using Flash on your computer or phone, there seems to be an update in order. Adobe has just issued a security bulletin notifying users that there's an update available for Flash Player. Updates have been unleashed for Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.7 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and 2.x. These updates address an object confusion vulnerability (CVE-2012-0779) that could cause the application to crash and potentially allow an attacker to take control of the affected system.

There are reports that the vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message, with this particularly one hitting Flash Player on Internet Explorer for Windows only. Adobe recommends users of Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux update to Adobe Flash Player 11.2.202.235. Flash Player installed with Google Chrome was updated automatically, so no user action is required. Users of Adobe Flash Player 11.1.115.7 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.8. Users of Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.9.

Looking for the solution? Aside from updating your software, here's a few tips direct from Adobe.

Adobe recommends users update their software installations by following the instructions below:

Adobe recommends users of Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh, and Linux update to the newest version 11.2.202.235 by downloading it from the Adobe Flash Player Download Center. Windows users of Flash Player 11.2.x who have selected the silent update option will receive the update automatically. Windows users who do not have the silent update option enabled and users of Adobe Flash Player 10.3.x or later for Macintosh can install the update via the update mechanism within the product when prompted. Flash Player installed with Google Chrome was updated automatically, so no user action is required.

For users who cannot update to Flash Player 11.2.202.235, Adobe has developed a patched version of Flash Player 10.x, Flash Player 10.3.183.19, which can be downloaded here.

Users of Adobe Flash Player 11.1.115.7 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.8 by browsing to Google play on an Android device. Users of Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.9 by browsing to Google play on an Android device.
  • | Post Points: 35
Top 50 Contributor
Posts 2,865
Points 29,645
Joined: Mar 2011
Location: United States, Connecticut

Yet another Flash exploit what a surprise. Flash is how a good portion of the malware in the wild gets into peoples devices. I would like to start a campaign to kill flash forever... HTML 5 is the way of the world.

  • | Post Points: 20
Top 50 Contributor
Posts 2,917
Points 24,670
Joined: Jul 2001
Location: United States, New York
digitaldd replied on Mon, May 7 2012 10:29 AM

Yup Flash and Adobe Acrobat/Reader. along with Java are the most common ways to get malware. Don't install any of them unless you need them. 

  • | Post Points: 20
Not Ranked
Posts 1
Points 5
Joined: May 2012
webguy replied on Mon, May 7 2012 11:54 AM

Looks like its time people get a taste of what Flash Player 11 can do. Laughing at HTML5 fanboys who just dont get it.

  • | Post Points: 5
Page 1 of 1 (4 items) | RSS