Following reports of malware attacks on OS X and Windows users due to Flash player vulnerabilities, Adobe has issued emergency patches in order to prevent the two Flash player versions from being exploited online. Furthermore, the company ha also rolled out Flash player patches for users of Linux and Android, ArsTechnica is reporting.
The source explains that the OS X exploits target users of the Safari browser as well as those using Mozilla’s Firefox. The same vulnerability is also being used in exploits that trick Windows users into opening booby-trapped documents that contain malicious Flash content. Another exploit works by tricking Windows users into opening a Word document containing malicious Flash content. The bug was discovered by researchers from antivirus provider Kaspersky Lab.
Adobe’s advisory came the same day the company announced plans to provide new protections designed to make it harder to target Flash contained in Microsoft Office files. Effective in a Flash version to be released soon, users of Office 2008 and earlier will receive a prompt before documents will execute Flash content. The content will only run once users click an OK button. The “click-to-play” prompt won’t apply to Office 2010, which already contains a “Protected Mode” sandbox that limits the privileges of content within a document.
The fix brings the latest version of Flash for Windows and OS X to v. 11.5.502.149. If you’re still running an older version of Flash player on your computer, better update now!