Adobe: Hackers Exploiting New Flash Flaw

Adobe is insisting that Mac and Windows users immediately update its Flash Player software. The company says it has just issued a new update designed to prevent hackers from exploiting two recently-discovered bugs.

Adobe Flash is a multimedia and software platform often used by web browsers to display video, animations, and interactive games.

Exploited Flaw Results in Crash

By exploiting the bugs, hackers are causing serious problems. Reports indicate that it's possible for hackers to create websites that would trigger the bug and cause a user's computer to crash.

That's a problem for everyone involved, though it's going to have the most devastating impact on businesses (such as financial institutions) where a crash will be highly disruptive.

According to reports, this attack is more serious if you are running the Mozilla Firefox or Safari Internet browsers on a Mac. In this situation, a hacked website can install malicious software on your computer, potentially giving a hacker remote control of your machine.

The other attack strategy reportedly involves sending emails with Microsoft Word documents attached. If the email is convincing enough for the user to open the attachment, malicious software will be installed on a user's machine.

Again, hackers can seize remote control. This is particularly dangerous as they can then force the computer to run other software that could cause more damage, compromise security or even use the computer a a weapon.

Hackers are already known to be exploiting the security flaw with a series of targeted emails. For example, someone is using a conference schedule Word attachment to attack computers in the aerospace industry. (Source: theregister.co.uk)

Dedicated Page Checks Your Flash Settings

To protect your system, Adobe says it's important users download the latest version of the Flash player. However, it's not always easy to figure out if your Adobe Flash settings are up-to-date.

To make this easier, Adobe has a special page at http://www.adobe.com/software/flash/about/ that will tell you what version is on your computer. If your system hasn't been updated, you can upgrade your settings via Adobe's Player Download Center.

Adobe has also announced changes that will make these kinds of attacks more difficult for hackers to launch.

The company says that, in the future, if you open an Office document containing Flash content, your computer will ask you to click a confirmation button before running that content. (Source: arstechnica.com)