Adobe released an update for its Flash Player on Monday to addressed a critical security flaw that could let attackers gain control over user’s computers or Android OS devices. Flash Player 10.2.152.33 patches a flaw that takes advantage of maliciously crafted SFW filed embedded in Excel documents.
Adobe patches zero-day Flash exploit
According to Adobe, attackers are currently embedding a maliciously crafted SWF file in Excel spreadsheet documents delivered as email attachments. Once the Excel document is opened, attackers can potentially take control of the victim’s system.
Mac OS X, Windows, Linux, Solaris and Android users are all susceptible to the attack, and Adobe is recommending users update to the latest version of Flash Player immediately.
Acrobat X and Adobe Reader 10.0.1 and earlier are also potentially susceptible to the exploit, but an Adobe security bulletin claims there aren’t any known attacks in the wild.
The update for Flash Player is available at the Adobe Web site.
2 Comments
The patch for Flash is 10.2.153.1, not 10.2.152.33. See http://www.adobe.com/support/security/.
Why would someone want to embed a Flash file inside an Excel spreadsheet? I guess they must be used for animated graphs or something?
Log-in to comment