Wednesday, February 27, 2013
Adobe has removed three critical vulnerabilities in Flash Player
Adobe has released a security update for Flash Player 11.6.602.168 and earlier versions for Windows, as well as Flash Player 11.6.602.167 and earlier versions for Macintosh and Flash Player 126.96.36.199 and earlier versions for Linux. Vulnerabilities in the program allows an attacker to gain control of the target system.
«Adobe knows that CVE-2013-0643 and CVE-2013-0648 is actively used by hackers to carry out targeted attacks in which the user sends a link to a site that provides a malicious Flash-content. Ekploity for CVE-2013-0643 and CVE-2013-0648 allow for targeted attacks on users of the browser Firefox », - stated in the notification from Adobe.
It is currently unknown who discovered the vulnerability in Flash Player and reported them to Adobe. In Mozilla also do not provide comment on the attacks on users Firefox.
Updated versions of Flash Player for Windows, Mac and Linux can be downloaded from the manufacturer. Windows and Mac users can also wait for automatic update.
A detailed description of vulnerabilities can be found here .
Security updates available for Adobe Flash Player: https://www.adobe.com/support/security/bulletins/apsb13-08.html