Adobe Patches Flash Scripting Security Flaw

Adobe released a patch for a Flash scripting-related security flaw on Monday that the company is calling “important.” The flaw affects Flash Player and earlier on Mac OS X, Windows, Linux and Solaris, along with FLash Player and earlier for Android OS.

Adobe Flash Player, now with one less security flawFlash Player update patches another security flaw

The scripting flaw, as described in Adobe Security Bulletin CVE-2011-2107, “could be used to take actions on a user’s behalf on any website or webmail provider, if the user visits a malicious website.”

Adobe claims the flaw is already being exploited and that victims are being sent emails with malicious links embedded in the message body.

The Flash Player update addresses the scripting flaw, and Adobe is recommending all users install the update immediately. Flash Player for Android will include the same patch and should be available some time this week.