Adobe Patches Critical Flash Security Flaw

| News

Adobe released an update for its Flash Player on Monday to addressed a critical security flaw that could let attackers gain control over user’s computers or Android OS devices. Flash Player 10.2.152.33 patches a flaw that takes advantage of maliciously crafted SFW filed embedded in Excel documents.

Adobe Security Flash patchedAdobe patches zero-day Flash exploit

According to Adobe, attackers are currently embedding a maliciously crafted SWF file in Excel spreadsheet documents delivered as email attachments. Once the Excel document is opened, attackers can potentially take control of the victim’s system.

Mac OS X, Windows, Linux, Solaris and Android users are all susceptible to the attack, and Adobe is recommending users update to the latest version of Flash Player immediately.

Acrobat X and Adobe Reader 10.0.1 and earlier are also potentially susceptible to the exploit, but an Adobe security bulletin claims there aren’t any known attacks in the wild.

The update for Flash Player is available at the Adobe Web site.

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

Comments

Nemo

The patch for Flash is 10.2.153.1, not 10.2.152.33.  See http://www.adobe.com/support/security/.

DrShakagee

Why would someone want to embed a Flash file inside an Excel spreadsheet? I guess they must be used for animated graphs or something?

Log-in to comment