Adobe patches latest Flash zero-day
Time to Patch Your Flash — Krebs on SecurityAdobe today patched a critical vulnerability in Flash Player that the company said criminals were already exploiting with malicious Microsoft Word and Excel documents.
Google Chrome users got the the update Thursday
On Monday, Adobe acknowledged the bug , said exploits were circulating, and promised to fix the flaw with an emergency update.
Today's update was Adobe's second rush patch in less than four weeks.The new version, Flash Player 10.2.159.1, is available for Windows, Mac, Linux and Solaris.
Missing from that list is Android, the Google mobile operating system that also runs Flash. A fix for the same flaw will be issued to Android users no later than the week of April 25, said Adobe.
Adobe will patch the popular PDF viewer Adobe Reader that same week. The Flash vulnerability also exists in Reader and the more advanced Acrobat because both include code that renders Flash content embedded in PDF files.
If it seems like you just updated your Flash Player software to plug a security hole that attackers were using to break into computers, you’re probably not imagining things: Three weeks ago, Adobe rushed out a new version
to sew up a critical new security flaw. Today, Adobe issued a critical
Flash update to eliminate another dangerous security hole that criminals
are actively exploiting.