New Adobe Flash bug allows hackers to take over your computer, update Flash to v11.3.300.271 to be safe
August 14, 2012 17
Email article | Print article 
Adobe has released an out of the blue security bulletin stating a bug in Adobe Flash is being exploited by hackers and could potentially allow attackers to take over computers. The attack vector is malicious Microsoft Word documents that exploit the ActiveX version of Flash Player in Internet Explorer on Windows. According to Adobe, this vulnerability “could cause the application to crash and potentially allow an attacker to take control of the affected system”.
Adobe was notified about this security exploit by two unnamed researchers and Adobe has since then issued a patch to plug this bug. While the exploit appears to be on Windows only, the Flash update is being issued cross-platform to Windows, Linux, and Mac OS X. Anyone that wants to stay safe from this bug should immediately update their Flash Player to v11.3.300.271. Updates will be pushed by Adobe via the automatic updating feature in Flash Player or by users can manually update by downloading the latest version of Flash Player from Adobe’s website.
Although the Adobe Flash bug isn’t Microsoft’s fault despite Word being the delivery vehicle, Microsoft itself issued updates on Patch Tuesday that addressed 26 vulnerabilities, some of them being in Microsoft Office. No wonder Apple users like to laugh at us.
[via ArsTechnica | Image credit: marcopako]
About the author: Ashraf View all posts by Ashraf
Related »
![[Windows] Easily modify default programs for file types with Coffee — you can even assign two programs for each extension!](http://cdn.dottech.org/media/2013/05/Extension-association-134x90.png)
17 Comments »
Leave A Response »
Thanks for the article Ashraf.
@hatman: You are welcome!
2 versions ago (.265?),Zmana AntiLogger threw a flag that Flash was logging my keystrokes.
I contacted Support,who forwarded my inquiry to Tech,but never heard back.
Not a FP after all?
“attack vector is malicious Microsoft Word documents that exploit the ActiveX version of Flash Player in Internet Explorer on Windows”
Since I use Libre Office, have ActiveX disabled, and virtually eliminated IE on my machines — I think I can safely continue to override FP’s insistence that it be updated…
Typically I keep Flash disabled, too, enabling it only for the few videos I need to watch each week.
I sure will be happy when I can watch videos with some other player…
Adobe Flash is already built into Chrome and automatically updated by Google. So for all of you that use Chrome, no worries.
@BarrysCool: Thanks for that reminder! I don’t know about the rest of you, but I can’t keep up with constant app. updates. The computer is supposed to help me, not be a newest and time-consuming maintenance project …
@Mike:
You are absolutely right. A previous recent Flash update was causing stability problem according to news at Major Geeks, and I’ve not updated since then.
My main reason for having a PC is for gaming. However I find myself spending more time now trying to keep the PC stable, protected and up to date, which means I need to keep informed about dangers such as this. No wonder so many people use Linux to browse and consoles for gaming.
Apples users laugh? Ha! With Macs clearly ripping you off in both hardware and software, PC users are the ones laughing (especially with the zero cost of Linux).
The only reason Macs aren’t in much danger right now is obscurity, hackers can crack it even easier than Windows.
@BarrysCool:
What, there is other browsers?
All scripts disabled on 13 of my 15 PCs. Stopping Adobe Flash saves hours of worthless advertising… not to mention load time.
@Mike: Endless updates on PCs is a MSFT coding problem. They keep piling on bloat hoping for the best. They need to try innovation: an OS without IE is a start.
@DoktorThomas: That’s why the very first thing I do is disable auto updates in Windows.I have one rig running box stock XP SP2 w/ no updates-it’s infection free for 4 years and the fastest rig in the house,including my 7′s
Zemana AntiLogger says the newest Flash is logging keystrokes!! WTF!!
My Trend Micro flagged this download as malicious ware
Hello, Ashraf.
Thanks for this, sorry I’m late to the party.
BTW, *this* is ‘why’ “flash” needs to DIE!, DIE! DIE!
Its been a near-constant source of aggravation, since win95 days.
We can only hope that, soon,
flash will “exist” only on some goober’s ‘nostalgic’ “this-is-the-way-things-were” webarchive.
[Maybe that's a new word, a?]
Have a GREAT day, neighbor!
@sl0j0n: Well,it is dead for Android as of JB-that’s a start
Have they straightened out the glitch between this and Sandboxie yet?