Adobe releases fix for Flash zero-day
Adobe has released a fix for a zero-day vulnerability in Flash Player, which impacts users running Windows, Mac and Linux operating systems.
The company yesterday urged Windows and Mac users to download Flash Player versions 12.0.0.44 and 11.7.700.261 (for those who cannot update to version 12.0). Those running Flash on Linux systems were directed to install version 11.2.202.336 of the plug-in.
The issue stems from an integer underflow vulnerability, which could allow an attacker to remotely take control of an affected system and execute malicious code. Adobe said the previously unknown vulnerability, CVE-2014-0497, had been exploited in the wild. In its bulletin, Adobe also directed users running versions of Flash for Chrome and Internet Explorer 10 and 11 web browsers to update to the newly released 12.0.0.44 plug-in.