Adobe rushes out patch to counter Flash attacks

Adobe has posted a Flash Player update to address security flaws which the company says are being actively targeted in the wild.

The company said that the update applies to the Windows, OS X, Linux and Android versions of the media plug-in. The fix will address a pair of critical vulnerabilities which, if targetted, can allow an attacker to remotely execute code on a targeted system.

According to Adobe, one of the vulnerabilities is being actively targeted against Windows users by embedding Flash attack code within Word documents. Users are then tricked into opening the document and executing the Flash exploit.

Another vulnerability addressed in the update, claims Adobe, is being exploited on the OS X platform via attack sites. When the user loads the attack site on Safari, the malicious code is triggered and the exploit is launched.

Due to the reports of active exploits in the wild, the company is making the update a top priority for Windows and OS X users. The update is considered to be a lower deployment priority for Linux and Android devices at this time.

In addition to manually updating their versions of Flash Player users running Windows 8 PCs can obtain the patch by updating to the latest version of Windows 10. Similarly, users running Chrome on Windows, OS X and Linux can get the patch by updating their browser to the most recent build.