Thursday, February 07, 2013, 04:42 pm PT (07:42 pm ET)
Adobe releases Flash update to address new attacks on Mac and WindowsIn a security advisory published on Thursday, Adobe announced the immediate availability of a patch covering two newly discovered Flash vulnerabilities that are being exploited "in the wild."
The two bugs, one affecting Apple's Mac platform and another attacking Microsoft's Windows, exploit certain Flash player vulnerabilities to install malware onto users' systems, reports ArsTechnica. While users of other operating systems like Linux have yet to report attacks, Adobe's advisory notes the exploit affects all platforms.
Designated as CVE-2013-0634, the first vulnerability targets the Safari and Firefox Web browsers running on OS X, and is also being used as a trojan to deploy Microsoft Word documents containing malware. For Mac users, the flaw affects Adobe Flash Player version 11.5.502.146 or earlier.
From Adobe's release:
Adobe is also aware of reports that CVE-2013-0634 is being exploited in the wild in attacks delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform, as well as attacks designed to trick Windows users into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content.The second bug, cataloged as CVE-2013-0633, only affects Windows machines and uses a similar Microsoft Word document trojan to execute attacks.
The Adobe Flash patch can be found on the company's website, and users can visit this page to check if their software is the most curent 11.5.502.149 version.
On Topic: Mac OS X
- Belkin unveils Thunderbolt 2 Express Dock HD for Apple's Macs
- Apple calls for OS X Yosemite app submissions ahead of launch
- Apple provides golden master candidate of OS X Yosemite to developers
- Apple releases bash patch to plug 'Shellshock' security flaw in OS X Mavericks, Mountain Lion, Lion
- Apple says most customers not vulnerable to 'shellshock,' patch coming for advanced users