Adobe has discovered a "critical" vulnerability affecting many recent versions of Flash Player, according to a new security bulletin, which warns that the exploit is already in use by hackers.
The unspecified flaw is being employed in "limited, targeted attacks," Adobe said. Affected Flash versions include 19.0.0.207 and earlier for Mac and Windows, any 18.x update of the Extended Support Release, and any 11.x version for Linux.
The exploit can potentially cause a person's computer to crash, or given an attacker system control. Adobe says that it's developing a fix, which it hopes will be available sometime next week.
Apple has consciously avoided pre-installing Flash on Macs for years, citing the potential security threats involved. Indeed the company has chosen to leave Oracle's Java off of Macs for the same reason.
Flash has also become increasingly less relevant, often supplanted by technologies such as HTML5 video. The plugin is completely absent and unavailable in the iOS version of Safari.
46 Comments
People still install Flash? That's akin to emulating Bruce Willis' character north of 125th Street in Die Hard III.
A fix.... next week? The executives in charge of Flash shouldn't get a bonus this year, in my opinion. Several zero-day exploits this year. Flash itself should die and rot in hell.
This "bag of hurt" just won't die... Why don't Adobe just announce it is stopping all support? After Steve Jobs drove a stake through Flash's heart, it's been a walking deadman lurching about the landscape...
Everyone should either not install Flash or use Click-to-Flash if necessary (and only with trusted websites).
Mostly its disabled, but I had to use Flash just last night :(. It's still out there…