Even as the Flash Player vulnerability is being exploited in the wild, Adobe releases patch to fix it
Adobe has finally woken the mega bug that lets cyber criminals take control of the affected PCs and issued a security update for its Flash Player on OS X, Windows, and Linux.
The company says in a security bulletin on its website that the update addresses the critical security vulnerability that could allow an attacker to gain control and take over an affected system.
Even as Adobe’s patch is underway for the bug, hackers have been taking advantage of this vulnerability with systems running Internet Explorer for Windows 7 and Firefox on Windows XP to take control of users system for malicious purpose. Adobe has countered that by releasing 22.214.171.124 build of Flash Player and is urged all users to update immediately.
The latest build of Flash is available via Adobe’s Download Center, although all users should also be prompted via the software’s built-in update mechanism.
As regards to OS X, Apple had earlier blocked old versions of Flash Player in Safari through a web plug-in blocking mechanism in OS. It is reported that Apple will take similar action and block all versions of Flash Players prior to the above released 126.96.36.199 build in order to protect its OS X users.
Regarding the security flaw that build 188.8.131.52 addresses, Adobe wrote the following in a bulletin on its website:
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address a critical vulnerability (CVE-2015-3113) that could potentially allow an attacker to take control of the affected system.
Adobe is aware of reports that CVE-2015-3113 is being actively exploited in the wild via limited, targeted attacks. Systems running Internet Explorer for Windows 7 and below, as well as Firefox on Windows XP, are known targets.
You can download the latest version of Flash here.