Zero-Day Flash Vulnerability Prompts Rushed Update
Posted on by Peter James
Adobe has released updates to its Flash Player software to correct a zero-day vulnerability that is being exploited in the wild. According to Adobe:
There are reports that one of these vulnerabilities (CVE-2011-2444) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message. This universal cross-site scripting issue could be used to take actions on a user’s behalf on any website or webmail provider if the user visits a malicious website.
All users of Flash Player should update the software as soon as possible to version 10.3.183.10. You can download a new version of Flash here.