Adobe patches zero-day Flash flaw

Three vulnerabilities, including one being exploited in the wild, are fixed in another emergency update of the Flash Player from Adobe.
Click on image to install current version of Adobe Flash Player

Adobe has released critical updates for Flash Player on Windows, Mac and Linux. Versions and earlier for Windows and Macintosh and versions and earlier versions for Linux are vulnerable to up to three vulnerabilities.

One of these, CVE-2014-0502, is being exploited in the wild. Click here for more detail on how the attack was found by security firm Fireeye and how it behaves.

The new version of Adobe Flash Player on Windows and Mac is The new version for Linux is A Google Chrome update to version 33.0.1750.117 today includes the fixed Flash plugin bundled with that product. Microsoft has released an update for Windows 8.0 and 8.1 for the bundled Flash Player plugin in Internet Explorer 10 and 11.

Users may obtain the newest version of Adobe Flash Player from Adobe at Do not trust Flash Player installations or patches from any other source.

In addition to the zero-day flaw reported by Fireeye and the Google Security Team, two other vulnerabilities (CVE-2014-0498 and CVE-2014-0499) were reported to Adobe by Wen Guanxing of Venustech.