Adobe has released an emergency update for its Flash Player software that fixes three critical vulnerabilities, two of which the company warns are actively being exploited to compromise systems.
In an advisory, Adobe said two of the bugs quashed in this update (CVE-2013-0643 and CVE-2013-0648) are being used by attackers to target Firefox users. The company noted that the attacks are designed to trick users into clicking a link which redirects to a Web site serving malicious Flash content.
Readers can be forgiven for feeling patch fatigue with Flash: This is the third security update that Adobe has shipped for Flash in the last month. On Feb. 12, Adobe released a patch to plug at least 17 security holes in Flash. On Feb. 7, Adobe rushed out an update to fix two other flaws that attackers were already exploiting to break into vulnerable computers.