Sophos Cloud Optix
How many times has Adobe Flash had to be updated on your computer with a new security patch?
Probably more times than you can count, right?
Well, let me make the question easier. How many times has Adobe Flash had to be updated on your computer this month?
The (perhaps surprising) answer is three. And let’s not forget that February is the shortest month of the year.
Adobe has published a security bulletin telling users that they need to patch their Flash installations once again (the security updates issued previously on February 7th and February 12th aren’t sufficient) to protect themselves against “targeted attacks” that are being “exploited in the wild”.
Once again, the vulnerability isn’t fussed about what operating system you run on your computer – so Windows, OS X and Linux users are all potentially in the firing line.
Here is the executive summary from Adobe:
Adobe has released security updates for Adobe Flash Player 11.6.602.168 and earlier versions for Windows, Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh, and Adobe Flash Player 11.2.202.270 and earlier versions for Linux. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Adobe is aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick the user into clicking a link which directs to a website serving malicious Flash (SWF) content. The exploit for CVE-2013-0643 and CVE-2013-0648 is designed to target the Firefox browser.
More information, and a series of links to downloads (if your installation does not grab the update automatically), is available in Adobe Security Bulletin APSB-1308.
If you run Chrome or Internet Explorer 10 for Windows 8, then you should be automagically running the latest version of Adobe Flash. Similarly, if you have told Adobe Flash to automatically keep itself up-to-date you should be updated shortly.
At the time of writing, the latest version of Adobe Flash Player is 11.6.602.171 (on Linux it is 11.2.202.273). But bear in mind that February isn’t quite over yet…
One issue I have with Adobe Flash updates is that they also pack in McAfee's anti-virus. I missed that the first time. While that wasn't had to remove some users miss that and end up having to anti-virus programs on their computer which might cause security problems.
I agree. I work in a university IT department and this is one of the issues we've been dealing with lately. Users continue to simply click, "Next, Next…" without thinking about unchecking this box. I wish that they wouldn't package this useless software with the flash player.
Really?
You permit users to install applications? You don't manage updates yourselves?
I suspect that this "one of the issues" should be the least of your concerns… or will be!
Ya you have to be sure to un-click it…..I almost made that mistake too
It is not necessarily a bad thing to have two AV applications as liong as they cooperate together. I doubt, from experience, that McAfee is a good choice though, IMHO.
Since I updated with the update, many of the video's I watch are buffering, which was not happening before.
I'm having the same problem, thought it was my computer, but apparently not.
Is it absolutely necessary to have Adobe? I never know what to click when the pop-up comes on so I X it. Theolfa.
I have updated Flash and uninstalled then re-updated and I keep getting crashes in Youtube and messages saying, "You need to download the latest version of Flash". I have tried to troubleshoot this from every angle possible and Im getting nowhere. This sucks. When I go to Youtube, I cant watch most videos. It works some times.
Not sure what to do.
Have you contacted Adobe tech support?
would you know why I keep getting the message to close all programs to install adobe – but everything is closed (even checked task mgr). It says Internet explorer is open but it isn't , so I cant get past that. Do you know what to do? Thanks
I do not want or need an upgrade for my purposes and they will not accept "no" for an answer. I am not allowed to create a message, delete junk emails, etc. That part of the sceen simply goes away. It is a revolving door when I try to delete the ads or reminder messages. Feel like I am being bullied into submission.
The problem is still there this February – a couple of recent flash updates again. If you go through Firefox to update Adobe Flash there seems to be no box to unclick, so you get MacF whatever – beware!
I installed originally from the Standalone Installer and IIRC I once let it do an autoupdate instead of downloading the whole new software DMG (this on OS X). It didn’t not try to foist anything on me. Can’t speak for Windows, though.