Adobe fixes actively exploited critical vulnerability in Flash Player

From PC World: Adobe Systems has released security updates for several products, including one for Flash Player that fixes a critical vulnerability that’s already known and exploited by attackers.

The Flash Player update fixes 17 vulnerabilities, 16 of which are critical and can be exploited to execute malicious code on affected systems. One of those vulnerabilities, tracked as CVE-2016-7892 in the Common Vulnerabilities and Exposures (CVE) catalogue, is already being used by hackers.

“Adobe is aware of a report that an exploit for CVE-2016-7892 exists in the wild, and is being used in limited, targeted attacks against users running Internet Explorer (32-bit) on Windows,” the company said in a security advisory.

The vulnerability was reported anonymously to the company.

Users of Flash Player on Windows, macOS and Linux should upgrade to the newly released version 24.0.0.186 as soon as possible. The Flash Player plug-in bundled with Google Chrome and Internet Explorer on Windows 10 and 8.1 will be updated automatically through the update mechanisms of those browsers.

View: Article @ Source Site