Yesterday, Adobe released a Godzilla-sized patch that fixes a sea of over 30 different security vulnerabilities in Flash and Adobe AIR.
“Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.”
Adobe’s recommendation is that Windows and Mac users of Flash update to Adobe Flash Player 18.104.22.168, while Linux users should update to version 22.214.171.1248.
(Dontcha just love Adobe’s version number system, by the way?)
If left unpatched, it’s possible that malicious hackers could exploit the vulnerabilities to infect your computer with malware. The good news is, so far at least, Adobe hasn’t seen any evidence of the vulnerabilities being exploited in the wild.
But don’t let that fool you into thinking that patching isn’t still a high priority.
The most recent version of Flash is always available from the Flash download page.
If you are not sure which version of Adobe Flash you are running on your computer, visit this Adobe webpage which will tell you.
Versions of Adobe Flash Player installed with Google Chrome, Microsoft Edge for Windows 10, and Internet Explorer 10 and 11 for Windows 8.0 and 8.1, should be automatically updated.
Consider enabling Click-to-Play in your browser, one of the best ways to protect yourself against criminals exploiting vulnerabilities in Adobe’s software.
But, be warned, disabling or nobbling Flash in just your browser may not be enough to protect your computer from infection – as it’s perfectly possible for Flash vulnerabilities to be delivered to your PC by routes other than the web.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.