Adobe releases Flash update to address new attacks on Mac and WindowsIn a security advisory published on Thursday, Adobe announced the immediate availability of a patch covering two newly discovered Flash vulnerabilities that are being exploited "in the wild."
The two bugs, one affecting Apple's Mac platform and another attacking Microsoft's Windows, exploit certain Flash player vulnerabilities to install malware onto users' systems, reports ArsTechnica. While users of other operating systems like Linux have yet to report attacks, Adobe's advisory notes the exploit affects all platforms.
Designated as CVE-2013-0634, the first vulnerability targets the Safari and Firefox Web browsers running on OS X, and is also being used as a trojan to deploy Microsoft Word documents containing malware. For Mac users, the flaw affects Adobe Flash Player version 11.5.502.146 or earlier.
From Adobe's release:
Adobe is also aware of reports that CVE-2013-0634 is being exploited in the wild in attacks delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform, as well as attacks designed to trick Windows users into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content.The second bug, cataloged as CVE-2013-0633, only affects Windows machines and uses a similar Microsoft Word document trojan to execute attacks.
The Adobe Flash patch can be found on the company's website, and users can visit this page to check if their software is the most curent 11.5.502.149 version.
On Topic: Mac OS X
- Anticipating WWDC 2016: What's in store for Apple's Macs and OS X
- Pixelmator for Mac gets new Quick and Magnetic selection tools, Retouch extension for Photos
- Apple drops new betas for OS X 10.11.6, iOS 9.3.3, and tvOS 9.2.2
- Apple might let users unlock Mac via Touch ID on iPhone with OS X 10.12
- Leaked screens show Siri in Apple's upcoming OS X 10.12 with always-on 'Hey Siri'