Adobe today released a surprise patch, which takes care of new vulnerabilities in its Flash Player. These loopholes are being exploited by hackers who are now targeting users of the popular browser, Firefox. This is the second emergency fix this month and fourth during this year.
Adobe confirmed that it was patching three serious vulnerabilities for its popular media player browser plug-in.
"Adobe is aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick the user into clicking a link which directs to a website serving malicious Flash content," said the company in an advisory. "The exploit for CVE-2013-0643 and CVE-2013-0648 is designed to target the Firefox browser."
Vulnerabilties on Windows and Mac systems have been given a rating of Priority 1, with the company requesting all users of these operating systems to install the update in 72 hours. Adobe also assigned a Flash vulnerability facing Linux users a Priority 3 rating, since it happens to be a product that has historically not been targeted by attackers.
Adobe recommends that users update to the latest versions:
Users of Adobe Flash Player 11.6.602.168 and earlier versions for Windows and Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh should update to Adobe Flash Player 11.6.602.171.
Users of Adobe Flash Player 126.96.36.1990 and earlier versions for Linux should update to Adobe Flash Player 188.8.131.523.
Flash Player installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 11.6.602.171 for Windows, Macintosh, and Linux.
Flash Player installed with Internet Explorer 10 for Windows 8 will automatically be updated to the latest version of Internet Explorer 10, which will include Adobe Flash Player 11.6.602.171 for Windows.
by RTT Staff Writer
For comments and feedback: firstname.lastname@example.org