Posted on 01/25/2015 9:08:43 PM PST by Swordmaker
Adobe on Saturday released an updated version of its Flash player software that patches an undisclosed vulnerability which could allow remote attackers to take control of Macs or PCs, urging users to update as the problem is being actively exploited by malicious actors.
Flash versions up to and including 16.0.0.287 on OS X and Windows and 11.2.202.438 on Linux are susceptible to the attack, the cause of which has yet to be detailed. Mac users with Adobe's automatic update feature enabled should begin receiving updates to version 16.0.0.296 immediately, and the company is preparing a standalone patch for manual installation to be released this week. Adobe is also working with Google to update the embedded version of Flash included in the Chrome browser.
The vulnerability — which has been assigned CVE number 2015-0311 — is "being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below," Adobe said in a security advisory. A "drive-by-download" attack is one in which software is downloaded to a user's computer without their knowledge or explicit consent.
Adobe defines CVE-2015-0311 as "critical," meaning a "vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware."
Users can check the version of Flash installed on their system by visiting Adobe's About Flash Player page or right-clicking on Flash content in their browser and choosing "About Adobe (or Macromedia) Flash Player" from the contextual menu. Instructions for enabling automatic updates or manually updating Flash can be found here.
Now another question, if you wouldn't mind. If I reinstall it using Opera as my browser instead of IE would that bypass the problem, or should I just wait until further notice from Adobe that the problem has been fixed?
I think that there will be more and more updates in the coming weeks. They referred to this update as a "beta" so there will be a final at some point. . . but that won't be the final, final, ever with Flash. Just keep on top of it as it happens.
Seven years ago Steve Jobs stated that the primary problem on OS X came from Flash Player. . . and that was why Apple would never allow it on iOS.
(Chuckle)
That’s me, all right . . .
Thanks.
Installed. Adobe always changes the default on updates and I always change them back. :-)
No automatically installed updates.
Oh, you meant “Adobe”; I saw “ADOBIE,” assumed you fat-fingered typing A DOBIE, and trotted out to the front lawn to deal with the, uh, “deposit.”
Happy to find that it’s just the usual Adobe stuff; that I can handle; statistics are in my favor, at least.
What’s difficult to cope with are the results of allowing the kids in the house to use the central computer.
I burned some hours last evening eradicating the nasty “cheaap4all” Chrome extension from my main household machine. This thing was quite unwilling to stay Removed, and actively hid itself from MBAM scans.
It started life as a typso, but it kind of grew in amusement level ,so i left it in place. :)
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.