Security News

Adobe Patches Flash Flaw Targeted by Exploit in the Wild

Posted on by

adobe-patched-headerAdobe Systems has released a patch for 22 vulnerabilities in Flash Player, one of which is reportedly under attack by an exploit that exists in the wild. The most critical vulnerability, CVE-2015-3043, could lead to code execution. Adobe’s Flash Player security updates are available for Macintosh, Windows and Linux.

“Adobe is aware of a report that an exploit for CVE-2015-3043 exists in the wild, and recommends users update their product installations,” said Adobe. If you reached this page because you’re unsure if a popup alert from Adobe is real, take a look at our helpful guide for best practices how to safely install and update Adobe Flash Player.

Affected software versions (now out of date and vulnerable) include: Adobe Flash Player and earlier versions, Adobe Flash Player and earlier 13.x versions, and Adobe Flash Player and earlier 11.x versions.

Adobe’s security bulletin describes the vulnerabilities patched in these updates as follows:

Adobe Flash users running Mac OS X and Windows computers should update to Adobe Flash Player (14.9 MB) as soon as possible to avoid potential attacks. Linux users should update to Adobe Flash Player

Adobe Flash Player installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Flash Player Moreover, Adobe Flash installed with Internet Explorer (IE) for Windows 8.x will automatically be updated to the latest version when available, which will include Adobe Flash Player

In addition to patching Flash Player vulnerabilities, Adobe has also released security updates for ColdFusion and Adobe Flex—each addressing a separate vulnerability.