Adobe Updates Flash Player to Fix Vulnerabilities Used in Ongoing Attacks

Adobe Flash PlayerIt’s time to update Adobe Flash Player!

Adobe released an emergency patch for Adobe Flash Player to address two vulnerabilities (CVE-2013-0633 & CVE-2013-0634) that are actively being exploited by cybercriminals to spread malware.

Attacks using the CVE-2013-0633 vulnerability involve tricking Windows users into opening a booby-trapped Word document (.doc) containing malicious Flash (SWF) content. The malicious Word documents arrive as an email attachment.

The second vulnerability, CVE-2013-0634 is being exploited in drive-by-download attacks using malicious Flash content and pose a threat to both Windows & Mac OS X users.

Adobe recommends that Linux and Android users update their software even though Windows & OS X are the only ones that appear to be targeted in the ongoing attacks.

Affected Flash Player versions, according to Adobe’s security advisory:

  • Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.261 and earlier versions for Linux
  • Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and 2.x

Not Sure What Version of Flash Player You Have?

Users that are unsure of what version they’re running can find out by:

  • Visiting the About Flash Player page on Adobe’s website.
  • Right-clicking on content running in Flash Player & select “About Adobe (or Macromedia) Flash Player” from the menu.

Be sure to check the version in each web browser installed on your system; just remember that Google Chrome & IE10 will be updated automatically!

How to Update Adobe Flash Player

To update their installation of Adobe Flash Player, users can:

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

This entry was posted in Computer Security, internet scam, malware, social engineering, spam and tagged , , , , , , , , .
Follow any comments here with the RSS feed for this post. Trackbacks are closed, but you can post a comment.

© 2014 Hyphenet, Inc.
1761 Hotel Circle S, Suite 350, San Diego, CA 92108

All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited.

Hyphenet IT Security Blog located at 1761 Hotel Circle South, Suite 350 , San Diego, CA . Reviewed by 91 customers rated: 3.8 / 5