Adobe today released a security bulletin addressing a critical vulnerability (CVE-2014-0497) in its Flash product that could allow an attacker to remotely take control of an affected system. The company says it is aware of reports that the security hole is being exploited in the wild.
Affected versions include Flash Player 12.0.0.43 and earlier for Windows and Macintosh as well as Flash Player 11.2.202.335 and earlier for Linux. As such, Adobe recommends that users update their product installations to the latest versions:
- Users of Adobe Flash Player 12.0.0.43 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 12.0.0.44.
- Users of Adobe Flash Player 11.2.202.335 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.336.
- Adobe Flash Player 12.0.0.41 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 12.0.0.44 for Windows, Macintosh and Linux.
- Adobe Flash Player 12.0.0.38 installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 12.0.0.44 for Windows 8.0.
- Adobe Flash Player 12.0.0.38 installed with Internet Explorer 11 will automatically be updated to the latest Internet Explorer 11 version, which will include Adobe Flash Player 12.0.0.44 for Windows 8.1.
In other words, unless you’re using the latest versions of Chrome or Internet Explorer, you’ll want to manually update Adobe Flash immediately. You can get the latest version now directly from the Adobe Download Center.
While the vulnerability also exists in Adobe Flash for Linux, Adobe has given the issue a lower priority rating of 3, compared to 1 for Windows and Mac. Nevertheless, we recommend Linux users to update, even if their systems aren’t currently being targeted in the wild.
See also – Adobe announces rapid release cycle for Flash, starting now with version 11.5 and Adobe introduces support for 3D printing to Photoshop, brings a glut of new features to its Creative Cloud apps
Top Image Credit: Vangelis Thomaidis
Get the TNW newsletter
Get the most important tech news in your inbox each week.