Adobe today released a security bulletin addressing a critical vulnerability (CVE-2014-0515) in its Flash product that could allow an attacker to remotely take control of an affected system. The company says it is aware of reports that the security hole is being exploited in the wild for Windows machines, but notes Macs and Linux computers are also vulnerable.

Affected versions include Flash Player 13.0.0.182 and earlier versions for Windows, Flash Player 13.0.0.201 and earlier versions for Mac, as well as Flash Player 11.2.202.350 and earlier versions for Linux. As such, Adobe recommends that users update their product installations to the latest versions:

  • Users of Adobe Flash Player 13.0.0.182 and earlier versions for Windows should update to Adobe Flash Player 13.0.0.206.
  • Users of Adobe Flash Player 13.0.0.201 and earlier versions for Macintosh should update to Adobe Flash Player 13.0.0.206.
  • Users of Adobe Flash Player 11.2.202.350 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.356.
  • Adobe Flash Player 13.0.0.182 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 13.0.0.206 for Windows, Macintosh and Linux.
  • Adobe Flash Player 13.0.0.182 installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 13.0.0.206 for Windows 8.0.
  • Adobe Flash Player 13.0.0.182 installed with Internet Explorer 11 will automatically be updated to the latest Internet Explorer 11 version, which will include Adobe Flash Player 13.0.0.206 for Windows 8.1.

In other words, unless you’re using the latest versions of Chrome or Internet Explorer, you’ll want to manually update Adobe Flash immediately. You can get the latest version now directly from the Adobe Download Center.

In the case of Flash for Linux, Adobe has given the issue a lower priority rating of 3, compared to 1 for Windows and Mac. Nevertheless, we recommend that Linux users update, even if their systems aren’t currently being targeted in the wild.

See also – Adobe announces rapid release cycle for Flash, starting now with version 11.5 and Adobe introduces support for 3D printing to Photoshop, brings a glut of new features to its Creative Cloud apps

Top Image Credit: Vangelis Thomaidis