THERE'S A GREAT BIG SECURITY HOLE in Adobe's Flash Player on desktop and mobile systems, and hackers are already taking advantage of it.
In a warning posted on its website, Adobe said that there's a vulnerability in multiple versions of Flash Player, including the latest 10.2 version released in February. It affects Windows, Mac, Linux and Solaris operating systems.
Smartphone owners need to watch out as well, as the flaw also affects Flash Player on Android 2.2 and later.
Adobe said that the vulnerability is being exploited by hackers, who are using a targeted attack via a Flash .swf file embedded in an Excel .xls file, which is delivered as an email attachment. Adobe informed The INQUIRER that it hasn't seen Android attacks as yet.
There is also a flaw in the authplay.dll component shipping with Adobe Reader and Acrobat for Windows and Mac, but so far there are no reports of attacks against that. Adobe is in the process of creating a fix for the Flash issue, and will hopefully hurry it out as fast as it can.
Hackers attacking security vulnerabilities in Adobe Flash is not a new phenomenon. But ever since Flash Player became available on Android with the 2.2 Froyo release last year, smartphone users have become viable targets.
This is a worrying trend, but is always likely to happen due to the freedom that the Android operating system offers. With malware also affecting apps in the Android market, it might be that 2011 could become the year that Google with its mobile OS comes to truly understand the problems that Microsoft has had with securing its dominant Windows PC operating system. µ
Sadly that doesn't include offering you a beer
It's like the Hokey Cokey only for the stock market
FruityArmor and SandCat have already made use of the privilege escalation bug
A small village in Siberia will eat well tonight