Adobe issues patch after Apple bans out-of-date Flash
By Stewart Mitchell
Posted on 8 Feb 2013 at 10:32
Adobe has released a security patch for two critical Flash vulnerabilities that are already being exploited in the wild.
The Flash flaws are already being exploited in the Apple and Microsoft versions of Flash, but the vulnerabilities also affect Linux and Android software.
The release has prompted Apple to block Flash unless users update their software, with an on-screen warning prompting them to take action.
Adobe said all users should upgrade to the latest versions to protect against crashes and attacks from hackers.
"CVE-2013-0633 is being exploited in the wild in targeted attacks designed to trick the user into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash content," the company said of the attack against the Windows version of Flash.
Another vulnerability – CVE-2013-0634 - could have a wider impact.
"Adobe is also aware of reports that CVE-2013-0634 is being exploited in the wild in attacks delivered via malicious Flash content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform, as well as attacks designed to trick Windows users into opening a Microsoft Word document which contains malicious Flash (SWF) content.”
The company lists the versions affected and updates required here.
Admins will have 12 issues to fix in Microsoft's February Patch Tuesday - five of them critical.
The five vulnerabilities affect Internet Explorer, Windows and Microsoft Server, and seven of the 12 fixes require a restart.
"The two critical bulletins in Internet Explorer seem to impact all versions," said Ziv Mador, director of security research at Trustwave.
"This will probably make these two the most critical of all the critical patches this month. If the IE updates don’t take the top spot, the patch for Exchange will. The patch will impact Exchange 2007 and 2010, will require a restart and [could] result in remote code execution if not applied."
I'm more concerned about the Android version, I wonder if they will patch it?
By tech3475 on 8 Feb 2013
Flash player update
Hi, I have an iMac running lion 10.7.5. I have updated my flash player as prompted but am still unable to view youtube vids and have just received the same message (blocked plugin) trying to access areas of google maps. Is anyone else having this problem?
By Lozrabone on 9 Feb 2013
- Is it worth upgrading a media centre to Windows 8?
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet
- The hard disks you can "secure" with a single-digit password
- Why I've started using a password manager
- Time to kill off CAPTCHA
- Are today's young people Generation I (for insecure)?
- Ransomware that's better made than antivirus software