/>
X
Innovation

Adobe patches zero-day Flash flaw

Three vulnerabilities, including one being exploited in the wild, are fixed in another emergency update of the Flash Player from Adobe.
larry-seltzer-thumb.jpg
Written by Larry Seltzer, Contributor on
get.adobe.com.flash
Click on image to install current version of Adobe Flash Player

Adobe has released critical updates for Flash Player on Windows, Mac and Linux. Versions 12.0.0.44 and earlier for Windows and Macintosh and versions 11.2.202.336 and earlier versions for Linux are vulnerable to up to three vulnerabilities.

One of these, CVE-2014-0502, is being exploited in the wild. Click here for more detail on how the attack was found by security firm Fireeye and how it behaves.

The new version of Adobe Flash Player on Windows and Mac is 12.0.0.70. The new version for Linux is 11.2.202.341. A Google Chrome update to version 33.0.1750.117 today includes the fixed Flash plugin bundled with that product. Microsoft has released an update for Windows 8.0 and 8.1 for the bundled Flash Player plugin in Internet Explorer 10 and 11.

Users may obtain the newest version of Adobe Flash Player from Adobe at get.adobe.com/flashplayer. Do not trust Flash Player installations or patches from any other source.

In addition to the zero-day flaw reported by Fireeye and the Google Security Team, two other vulnerabilities (CVE-2014-0498 and CVE-2014-0499) were reported to Adobe by Wen Guanxing of Venustech.

Editorial standards

Related

How to add wireless Apple CarPlay to your car
GOTRAX 4 electric scooter

How to add wireless Apple CarPlay to your car

The White House passes an AI 'Bill of Rights' that attempts to put your concerns at ease
white-house.png

The White House passes an AI 'Bill of Rights' that attempts to put your concerns at ease

Facebook users warned: You may have downloaded these password-stealing Android and iOS apps
a-worried-woman-looking-at-her-smartphone

Facebook users warned: You may have downloaded these password-stealing Android and iOS apps