Adobe Issues Emergency Flash Updates As Hackers Target Firefox: Update Now!

By Alexandra Burlacu | Feb 27, 2013 09:41 AM EST

Share This Story

  • Print
  • Email

Adobe patched a trio of vulnerabilities in Flash Player, two of which the company says hackers were already exploiting in attacks targeting Mozilla Firefox.

Follow us

The emergency update to Flash Player comes as the third emergency fix for the browser plug-in this month, and patches holes that could not only cause a crash, but could potentially allow attackers to take over an affected system.

In the accompanying security bulletin, Adobe confirmed it was patching three vulnerabilities in the popular Flash media player plug-in. According to the company, attackers were already exploiting two of those vulnerabilities.

"Adobe is aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted  attacks designed to trick the user into clicking a link which directs to a website serving malicious Flash content," states the advisory, listing the vulnerabilities by Common Vulnerabilities & Exposures (CVE) identifiers. "The exploit for CVE-2013-0643 and CVE-2013-0648 is designed to target the Firefox browser," adds the company.

Consequently, the two vulnerabilities Adobe singled out are in fact "zero-day" vulnerabilities, which means that criminals have already exploited them with attack code before updates patched the bugs.

The emergency updates, on Tuesday, Feb. 26, come less than three weeks after a Feb. 8 fix for two flaws exploited in the wild. The company already issued two other regularly scheduled updates for Flash since the beginning of 2013, as part of its efforts to sync its security releases with Microsoft's monthly Patch Tuesdays.

"Adobe assigned a Priority 1 rating to the vulnerabilities exploited on Windows and Mac OS X and recommends that users of both operating systems install the updates as soon as possible, preferably within 72 hours. The bulletin also assigned a Priority 3 rating to a Flash vulnerability facing Linux users.

The Priority 1 rating is Adobe's highest threat level, identifying "vulnerabilities being targeted or which have a higher risk of being targeted, by exploit(s) in the wild."

Users can download the patched versions of Flash Player for Windows, Mac and Linux from Adobe's website. Windows and Mac users can also wait for Flash's automatic updating tool to grab the update, while users of Google Chrome and Microsoft's Internet Explorer (IE) 10 on Windows 8 will receive the newest Flash via the browsers' own update mechanisms. 

 

Get the Most Popular Mobile&Apps Stories in a Weekly Newsletter

© 2014 Mobile & Apps All rights reserved. Do not reproduce without permission.

Featured Video : Intel Pocket Avatars

Join Our Conversation

Smartphones
Apple EasyPay self-checkout systemEx-NBA star Rex Chapman arrested for stealing from an Apple Store by faking EasyPay self-checkout
Samsung Galaxy A5 (SM-A500) leaks in new images, no full-metal body
Samsung, PayPal, Synaptics teaming up for mobile payment system in next-gen smartwatches?
iPhone 6, iPhone 6 Plus officially available, teardown reveals impressive battery
Tablet / Laptop / PC
Dell Venue 7 and Venue 8Dell unveils Venue 7 and Venue 8 Android 4.3 Jelly Bean tablets
Retina iPad Mini facing delays, may not launch until early next year
Refurbished 128GB iPad with Retina Display now available on the Apple Online Store
Samsung Galaxy Note 10.1 – 2014 Edition: Pricing and availability now official
Gadgets
Amazon LogoAmazon reportedly to launch ‘Firetube’ set-top box before 2013 holidays
Samsung Galaxy Note 3 and Galaxy Gear India launch: Pricing and availability
Samsung Galaxy Gear Android smartwatch now up for pre-order in Canada
Samsung Galaxy Gear 2 reportedly in the works already, may debut at CES or MWC 2014
OS / Software
HTC LogoHTC reportedly considering Android/Windows Phone dual-booting smartphone as Microsoft pushes for deeper Windows mobile integration
iOS 7 Chrome Incognito mode leaks private searches due to bug
Sprint HTC One Android 4.3 Jelly Bean already rolling out, AT&T, T-Mobile & Verizon to follow
Microsoft Windows 8.1 now available for pre-order
Internet / Social Media
Google DowntimeGoogle blacks out for two minutes, causes 40 percent drop in world’s Internet traffic
Xbox Music web player is live and ready for Xbox Music Pass subscribers
Facebook Android app collected phone numbers even if users never logged in
Firefox 22 brings support for web video calls, 3D gaming, and Unreal Engine 3
What's App
Vine update brings new camera experienceVine gets major update, lets you upload previously-shot videos & more (VIDEO)
BlackBerry Messenger (BBM) finally hits Windows Phone – Available as a free download now
Instagram releases Bolt ephemeral messaging app in select markets to challenge Snapchat
PayPal for iOS update brings loyalty card support, other features and enhancements
Copyright © 2014 Mobile & Apps All rights reserved. mobilenapps
Real Time Analytics