Adobe has issued a security update for its Flash Player on OS X, Windows, and Linux. The company says in a security bulletin on its website that this update addresses a critical security vulnerability that could allow an attacker to gain control and take over an affected system.
While Adobe notes that hackers have most commonly taken advantage of this vulnerability with systems running Internet Explorer for Windows 7 and Firefox on Windows XP, the exploit affected all users. To combat the issue, the company has pushed the 18.0.0.194 build of Flash Player and is urging all users to update immediately.
The latest build of Flash is available via Adobe’s Download Center, although all users should also be prompted via the software’s built-in update mechanism.
In the past, Apple has blocked old versions of Flash Player in Safari in order to protect user security. Most likely, Apple will again issue an update to its web plug-in blocking mechanism in OS X to disable all versions of Flash Player prior to the most recent 18.0.0.194 build.
Regarding the security flaw that build 18.0.0.194 addresses, Adobe wrote the following in a bulletin on its website:
You can download the latest version of Flash here.
Adobe is aware of reports that CVE-2015-3113 is being actively exploited in the wild via limited, targeted attacks. Systems running Internet Explorer for Windows 7 and below, as well as Firefox on Windows XP, are known targets.
