Saturday, February 9, 2013

Adobe Flash is under attack


Attacks on Java may be subsided for a few days but the other kink in your armor — Flash — is now under attack. Adobe has released a security bulletin notifying Windows and Mac OS X users to update to Flash 11.5.502.149 because of an ongoing attack targeting Windows and Mac OS X users, an attack that exploits a Flash vulnerability in previous versions of Flash.

According to Adobe, in-the-wild attacks aimed at Windows users via Microsoft Word documents that contained infected SWF content; this attack is being conducted via e-mails that are spreading these Word files through attachments. The attack on Mac OS X users is via websites that utilize drive-by-downloads (i.e. something that is automatically downloaded to a user’s computer upon visiting an infected website). Any Mac users running Safari and Firefox is susceptible to this attack.

If infected, the vulnerability in Flash allows scumbags to remotely take over your computer.

Windows and Mac OS X users are encourage to update to the latest version of Flash — 11.5.502.149 — that protects against this particular vulnerability. Chrome and Internet Explorer 10 will issue their own updates to Flash. Adobe has also issued updates to Flash for Linux and Android but those platforms are not currently under attack via this specific vulnerability.

If you are unsure what version of Flash you have, you can go to this link which will tell you what version you have: http://www.adobe.com/software/flash/about/