flash-zero-day-vulnerability-patched

Less than a month after a critical Flash vulnerability allowed an attacker to take control of a Mac, Adobe has issued an emergency update for yet another critical flaw. The latest one is already being exploited by ransomware that encrypts Windows PCs, but while there’s no known exploit for OS X as yet, Adobe says that the same vulnerability exists on all platforms, and users should update immediately …

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.  

Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier.

Apple often blocks vulnerable versions of Flash in Safari, but as that takes time, it’s best not to rely on this. You can update your version of Flash by visiting Adobe’s update page and hitting the ‘Install now’ button. Flash updates should, of course, be refused from other sites as it’s not unusual for malware-infected fake versions to be offered.

Given the succession of vulnerabilities found in Flash, Steve Jobs’ 2010 essay seems as relevant today as it was then. With an increasing number of people opting to zap Flash from their systems altogether, I think I’m going to try the experiment myself.

Via and photo: Reuters

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author

Ben Lovejoy's favorite gear