Skip to main content

Adobe Flash faces another zero-day threat

Adobe announced this week that its Flash Player once again possesses a vulnerability that makes it possible for hackers to enter and take control of  a person’s computer.

The security hole exists with the and earlier versions of the Player for Windows, Mac, Linux and Solaris operating systems, as well as and earlier versions for Android, said Adobe in a “security advisory” released Monday on its website.

Related Videos

The vulnerability also affects parts of Adobe Reader and Acrobat X (10.0.2), and earlier 10.x and 9.x versions for both Windows and Mac OSs.

In addition to causing the program to crash, the hole opens up computers to zero-day attacks, which allow hackers to take control of a system without the knowledge of the computer’s proper user. They do so though a phishing attack, which lures unsuspecting email users into downloading messages with Trojan horse attachments.

“There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment, targeting the Windows platform,” Adobe said in the security advisory.

Adobe said that it was “not aware” of any such attacks on Reader or Acrobat.

This is not the first instance Adobe Flash containing a zero-day bug. Just last month, the company discovered and patched another Flash-related hole in the Authplay component, which allows for the use of Flash in PDF files. In the past year, at least two other zero-day vulnerabilities in Flash have cropped up.

Adobe says that it is currently “in the process of finalizing a schedule for delivering updates” for most of the various Flash-related software and version impacted by the security hole. The issue will be addressed for Adobe Reader X for Windows next quarter, the company says.

Editors' Recommendations

The Windows 11 taskbar is getting an important new update
windows 11 taskbar third party app pinning

Microsoft is working on new experiences for Windows that will allow developers to enable pinning for third-party applications, as well as enable pinning to the Taskbar.

Microsoft recently announced the details of these upcoming functions in a blog post. This is the brand's attempt to universalize its pinning process across all apps used on Windows. In practice, it will be similar to how pinning works on the Edge browser, with the Windows 11 users being notified by the Action Center about a request for pinning to the Taskbar by the app in question.

Read more
Firefox just got a great new way to protect your privacy
Canva in Firefox on a MacBook.

If you’re fed up with signing up for new accounts online and then being perpetually spammed in the days and weeks after, Mozilla has an idea that could help. The company has just announced its Firefox Relay feature is being directly integrated into its Firefox web browser, and it could help guarantee your privacy without any extra hassle.

Firefox Relay works by letting you create email “masks” when you sign up for new accounts. Instead of entering your real credentials into the sign-up field, Firefox Relay provides you with a throwaway address and phone number to use. Any messages from the website -- such as purchase receipts -- are then forwarded to your real email address, with all the sender’s tracking information stripped out to protect your privacy.

Read more
How to cancel Spotify Premium on your desktop or iOS device
The app screen on Spotify that says Cancel Premium.

Spotify is the world's most popular music and podcast streaming service for a reason. It has a catalog of over 100 million songs, the interface is fun and easy to use, and it's full of features that allow for music discovery, great playlist creation, and sharing. And while its main Achilles heel is that it doesn't offer higher resolution audio like many of its competitors such as Apple Music, Tidal, and Amazon Music, it's Premium tiers are reasonably priced at between $10 and $16 per month. So why would anyone want to cancel Spotify?

Read more