Adobe Announces Flash Vulnerability, Hackers Can Control Your Computer

Adobe recently announced a vulnerability in its Flash Player and has issued a security update to patch up the hole. Media reports warn the vulnerability could allow attackers to remotely seize control of your Windows, Mac or Linux computer.

Adobe’s announcement, after the vulnerability was reported by Kaspersky Labs, also included details about two web browsers with Flash Player which are potentially affected – Google Chrome and Internet Explorer. According to CNET, Adobe has assigned a Priority 1 rating to the vulnerabilities, which is Adobe’s highest threat level.

Even cellphones are not immune. If you have Flash Player on your Android phone, you need to check which version you have by going to “Settings > Applications > Manage Applications > Adobe Flash Player x.x”. But Adobe does not specify which version Android users need to have, or how it will be pushed to the phone. Will it be automatic? Or does the user have to download it?

According to Adobe, if you are the owner of a Windows or Mac computer, and have Flash Player version 12.0.0.43 or earlier, then you are vulnerable. If you use Linux and have Flash Player 11.2.202.335 or earlier, then again you are open to attack.

There’s two very quick and easy ways to check what version of Flash Player you have. The first is to go to this page and it will tell you your version number.

The second option is to right-click on any Flash content and choose the option “About Adobe Flash Player” from the contextual menu.

Windows and Mac users are urged to update to Flash Player 12.0.0.44 as soon as possible, while Linux users should install version 11.2.202.336. Chrome and Internet Explorer will apparently be automatically updated without any input needed from the user.

After installing the latest patch, it would also be a good idea to run your malware program to make sure that there is nothing nasty lurking on your computer. If you are stuck for what program to use, give MalwareBytes a try. The free version does more than enough to give your computer a thorough check-up.

“Adobe does seem to have an unfortunate history of people finding security flaws with Flash that require updates” independent security consultant Alan Woodward told the BBC in an interview.

Image: Flash

13 Comments ▼
Advertise Here

Mark O'Neill - Staff Writer


Mark O'Neill Mark O'Neill is a staff writer for Small Business Trends, covering software and social media. He is a freelance journalist who has been writing for over 25 years, and has successfully made the leap from newspapers and radio onto the Internet. From 2007-2013, he was the Managing Editor of MakeUseOf.com.

13 Reactions

  1. GREAT POST! Most people have do not update their programs right away. This is really important to update. Flash should on most computers pop-up and tell you it it out of date. Also Chrome browser should update the plugin automatically as it updates it’s own software automatically.
    Flash is used on many websites without the website even knowing it. Usually from plugins or advertisements. These are not directly on the website you are browsing. The issue is the third party website get’s hacked and infects your computer. Meaning that you could be on a very popular website and get infected if your Flash is out dated.
    Keep safe and keep your applications updated.

    • Mine’s up to date because sometimes when I turn on my computer, I’m automatically asked if I want to update Flash (which I agree to have done most times).

      I didn’t realise Flash was that vulnerable to attack though.

      • Me too. The fact that someone can control my computer is just way too scary. It’s a good thing that I keep my files in cloud storage so that I can access them in case something goes wrong.

      • I had a really unpleasant virus on my computer once (the irony was I had Norton at the time). That was more than enough for me. I’m not looking to get my computer hijacked too.

        Thank God for cloud storage. Dropbox is my friend. :)

  2. Considering that they lost a couple million customer’s information, it doesn’t surprise me that Flash has vulnerability issues. But in their defense, their software is so ubiquitous that they are a huge target for hacking.

  3. M version is currently 12,0,0,41 installed. Good thing I’m using Chrome so I guess I don’t have to do anything other than run MalwareBytes. Thanks for the info.

  4. Does this apply to iPads and iPhones using safari? Also is there an equivalent Malware Programme to use for Mac computers as this one is not compatible?

    • Hi Sophie…

      My understanding from reading the post is that it’s a vulnerability that’s specific to two browsers: IE and Chrome. I don’t see Safari mentioned. But it does mention cellphones, so includes iPhones I should imagine.

      It might be worth going to the Adobe page to see what’s what. Or maybe they have a forum where you can ask.

      For and equivalent malware program for Macs, I really don’t know as I have a PC. Sorry.

  5. I hate to sound like a commercial, but the personal product is free, while the commercial/business product has a cost….and it is called “Secunia PSI (Personal Software Inspector)” . I have no affiliation with the company. It was suggested by my IP, and it constantly verifies that all of my software is up to date. Its a serious time saver, because it has an automatic update feature that works for most programs. It also notifies you if you need to perform a manual update for any programs that will not auto update. You can also download updates directly from them for many common programs. Thanks for the post!

  6. The first thing I did was go and check what version of Flash I had. I’m OK. But, had I not read this post, I would have been none the wiser, so thanks. I’m still gonna run a virus check though. (I have MalwareBytes)

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>



Compare your business to the industry - Try our new tool