Adobe has announced that it will be issuing an emergency security update for its widely-used Flash Player, after discovering hackers were actively exploiting a security hole to hijack control of computer systems.
“A critical vulnerability (CVE-2016-1019) exists in Adobe Flash Player 18.104.22.168 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.”
The one piece of good news is that if you have been doing a reasonably good job of keeping your systems updated, then you may already be benefiting from a mitigation introduced in Flash Player 22.214.171.124 that, according to Adobe, “currently prevents exploitation of this vulnerability.”
The vulnerability has been given a “critical” severity rating by Adobe, and users are advised to update their systems at the earliest opportunity.
So, what better time is there to check out our article explaining how to keep Adobe Flash up-to-date or ditch it entirely?
If you’re not quite ready to take the step of entirely uninstalling Flash, then you should at the very least consider enabling “Click to Play”, which stops Flash elements from being rendered in your browser unless you give specific permission.
Yeah, you guessed right. I’m not a fan of Adobe Flash.