Adobe releases Flash update to address new attacks on Mac and WindowsIn a security advisory published on Thursday, Adobe announced the immediate availability of a patch covering two newly discovered Flash vulnerabilities that are being exploited "in the wild."
The two bugs, one affecting Apple's Mac platform and another attacking Microsoft's Windows, exploit certain Flash player vulnerabilities to install malware onto users' systems, reports ArsTechnica. While users of other operating systems like Linux have yet to report attacks, Adobe's advisory notes the exploit affects all platforms.
Designated as CVE-2013-0634, the first vulnerability targets the Safari and Firefox Web browsers running on OS X, and is also being used as a trojan to deploy Microsoft Word documents containing malware. For Mac users, the flaw affects Adobe Flash Player version 11.5.502.146 or earlier.
From Adobe's release:
Adobe is also aware of reports that CVE-2013-0634 is being exploited in the wild in attacks delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform, as well as attacks designed to trick Windows users into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content.The second bug, cataloged as CVE-2013-0633, only affects Windows machines and uses a similar Microsoft Word document trojan to execute attacks.
The Adobe Flash patch can be found on the company's website, and users can visit this page to check if their software is the most curent 11.5.502.149 version.
On Topic: Mac OS X
- Skype cloud shift will require OS X Yosemite or iOS 8 for full support on Apple devices
- Apple issues third macOS Sierra beta to developers
- MacKeeper threatens 14-year-old YouTube video maker with harassment suit
- Video: See all the best new features in Apple's macOS Sierra
- macOS Sierra may expand use of Dark Mode to native app backgrounds