Adobe Rolls Out ‘Emergency’ Flash Patch
Patch looks to address issues in Flash which have recently been hijacked by cybercriminals
Adobe has issued an emergency patch to address a number of issues affecting its Flash player software.
In a security bulletin issued today, the company urges users to install the update immediately to ensure that their devices are safeguarded from attack.
Adobe says that the patch addresses 23 separate security bugs in Flash, many of which are rated ‘critical’, including one which was being used by hackers to carry out a “limited number of targeted attacks”.
This particularly serious bug could have allowed attackers to take over a computer to steal personal information or to carry out surveillance on the user.
Patched up
The patch affects versions of Flash used on many different platforms and devices, including Windows PCs, Chrome OS, Macs and Linux computers, as well as phones running Android and iOS.
Adobe’s security bulletin notes that it was alerted to the myriad of issues by security researchers from several different firms, including Google, Microsoft, Kaspersky Lab and Alibaba.
The patches are available to download now, either automatically through Flash’s update system, or manually via the Adobe website.
The issue is the latest in a series to affect Flash, which has fallen from grace in recent years as it has fallen victim to a number of serious security problems.
Identified by many security experts as presenting an unnecessary security risk when web browsing, in July, Mozilla blocked Adobe Flash by default in its Firefox browser following the discovery of more zero-day vulnerabilities in the browser plug-in. That block remained in place until Adobe rushed out a patch for the flaw.
Flash’s time may already be up, as reports in December suggested that Adobe was now “encouraging” developers and content creators away from the software in order to use newer web standards.
Are you a security pro? Try our quiz!