Adobe released a patch for a Flash scripting-related security flaw on Monday that the company is calling “important.” The flaw affects Flash Player 10.3.181.16 and earlier on Mac OS X, Windows, Linux and Solaris, along with FLash Player 10.3.185.22 and earlier for Android OS.
Flash Player update patches another security flaw
The scripting flaw, as described in Adobe Security Bulletin CVE-2011-2107, “could be used to take actions on a user’s behalf on any website or webmail provider, if the user visits a malicious website.”
Adobe claims the flaw is already being exploited and that victims are being sent emails with malicious links embedded in the message body.
The Flash Player 10.3.181.22 update addresses the scripting flaw, and Adobe is recommending all users install the update immediately. Flash Player 10.3.185.22 for Android will include the same patch and should be available some time this week.