Adobe has just released an important security update for its Flash Player across all platforms, which will fix a security exploit that the company says is already being used in the wild.
In a security bulletin that was posted on Friday, it explains that the vulnerability could cause Flash to crash and as a result allow an attacker to take control of a user’s system.
According to Adobe, they have already received reports that the exploit is being used by attackers in the form of an email with a malicious file attached. When the user clicks this file, the file will take advantage of the vulnerability and compromise the user’s computer system. It would seem that at the moment, the attack is only being directed at Windows users and more specifically those who use Internet Explorer. However, it must be stressed that the vulnerability itself is present in the Flash Player for OS X, Linux and also Android as well.
The exploit was discovered by Microsoft Vulnerability Research or MSVR who notified Adobe and have been working together to release a fix.
Users are urged to update to Flash Player version 18.104.22.168 by visiting Adobe’s website; Android users can update via the Google Play Store (version 22.214.171.124 for Ice Cream Sandwich and 126.96.36.199 for devices running Android 3.0 or earlier). If you are using Google Chrome, you should already be safe from the vulnerability as Chrome has a built-in version of Flash which automatically updates itself. But remember, although you may use the built-in version of Flash with Chrome, some systems still have the stand-alone version of Flash installed too, therefore you should also check to make sure that version is also up-to-date. You can do this by clicking on the ‘About Flash’ page which will tell you if and what version of Flash you have installed.