Adobe just launched an emergency update which contains a hotfix for a major security flaw. Therefore, people who use the Flash Player browser plugin should make sure to get the new update since there is a security flaw in its code which allows hackers to exploit it and install malicious software on unsuspecting Windows users.
Adobe Flash Security Flaw
The exploit is known as “CVE-2018-5002” and the team who is in charge of developing Adobe knows about it. The exploit somehow managed to breach through Adobe’s security walls and it is used against Windows powered computers.
“The exploit is being used in limited, targeted attacks against Windows users. These attacks leverage Microsoft Office documents with embedded malicious Flash Player content distributed via email” said Adobe in an official statement.
Vulnerable Version of Flash
Adobe went on to say that Flash version 220.127.116.11 and earlier builds are all vulnerable to the exploit. Moreover, Adobe released a new version of Flash with the 18.104.22.168 build number for Windows, Mac, Linux and Chrome OS which comes with a hotfix for the security issue.
On the bright side of things, the exploit has been used in a limited number of cases and it’s not a widespread issue. In addition, the new version of Flash is automatically updated on the following browsers: Google Chrome, Internet Explore and Edge.
We should also mention that Google Chrome users who want to get rid of Flash can do it in a matter of seconds. The only thing that Google Chrome users need to do is to type in the following “chrome://settings/content” in the URL bar and then select “Flash” and choose to disable it. Not just that, but users can also whitelist or blacklist different websites through Flash’s settings panel.