clock menu more-arrow no yes mobile

Filed under:

Adobe releases Flash exploit fix for all platforms; Windows users already targeted

New, 19 comments

Adobe has released a security update to all versions of its Flash Player software, addressing a security vulnerability that the company states is already being used in the wild.

If you buy something from a Verge link, Vox Media may earn a commission. See our ethics statement.

Flash logo
Flash logo

Adobe has released a security update for all versions of Flash Player, addressing a security exploit that it says is already being used in the wild. According to a security bulletin posted Friday, the vulnerability could cause Flash to crash, and in the process allow an attacker to take control of a user's system. The company notes that it has received reports that the exploit is already being taken advantage of by attackers via email; clicking on a malicious file attachment initiates the attack on a vulnerable system. The cited attack is currently targeted only at Internet Explorer users on Windows, but the vulnerability itself is present in Flash Player for Windows, OS X, Linux, and Android.

Computer users are urged to update to Flash Player version by visiting Adobe's website; Android users can update via the Google Play Store (version for Ice Cream Sandwich and for devices running Android 3.0 or earlier). Google Chrome users should already be safe, as the browser's built-in implementation of Flash updates automatically — though of course if you have Flash installed on your overall system as well you'll need to address that update directly. You can visit the Flash "about" page to determine what version of the software your machine is currently running.