'

Adobe plugs security hole in Flash Player

The new Adobe Flash Player 10.2.153.1 patches a vulnerability (CVE-2011-0609) that could cause a system crash or allow an attacker to take complete control of the affected machine.

Adobe has released a Flash Player update to fix a critical security hole that was being used to in targeted malware attacks.

The new Adobe Flash Player 10.2.153.1 patches a vulnerability (CVE-2011-0609) that could cause a system crash or allow an attacker to take complete control of the affected machine.

Adobe confirmed earlier reports that this vulnerability was being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an e-mail attachment.

follow Ryan Naraine on twitter

[ SEE: Adobe warns of Flash Player zero-day attack ]

The company said it was not aware of attacks targeting Adobe Reader and Acrobat, noting that Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.

For more details on the latest update, see this Adobe advisory.