Adobe has released important security updates for Adobe Flash Player to plug an object confusion vulnerability that could allow an attacker to crash the application and take control of the affected system.
Adobe warns that the security flaw is actively being exploited in targeted attacks against Flash Player on Internet Explorer for Windows. The attacks are email-based and involve tricking the user into clicking on malicious files delivered in email messages.
Although the attacks target Flash Player for Internet Explorer on Windows, Adobe recommends that all Windows, OS X and Linux users update to Flash Player 220.127.116.11, Android 4.x users update to Flash Player 18.104.22.168, and Android 3.x and earlier update to Flash Player 22.214.171.124 since the vulnerability exists in previous Flash Player versions for those platforms as well.
Check What Version of Flash Player You Have
Users can check what version of Flash Player they currently have installed by:
- Visiting the Adobe Flash Player page, or
- Right-clicking on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu.
You will have to check the version for each separate browser if you didn’t opt for automatic silent updates (Google Chrome was updated automatically, so no user interaction is required). Keep in mind that the silent updates are only available for Windows at this time.
It is strongly recommended that Windows users update Flash Player immediately.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.