Adobe Systems Inc. today issued a security update to its Flash Player software. The company stressed that the update fixes a critical vulnerability that malicious actors have been using in targeted attacks.
Adobe classifies a security flaw as critical if it can be used to break into vulnerable machines without any help from users. The company said the vulnerability (CVE-2012-0779) fixed in the version released today has been exploited in targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message, and that the exploit used in the attacks seen so far target Flash Player on Internet Explorer for Windows only.
Nevertheless, there are updates available for Flash Player versions designed for all operating systems that Adobe supports, including Mac, Linux and Android devices.