We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Adobe Flash bug being exploited by hackers

Zero-day affects Reader on Windows and Mac

A new, critical bug in Adobe's Flash Player is giving some attackers a back door into victims computers, Adobe has warned.

The bug affects Adobe Flash Player version 10.0.45.2 and earlier on all operating systems, including Windows, Mac and Linux. It is also found in the latest versions of the widely used Reader and Acrobat software, Adobe said. "There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat," Adobe said in its security advisory.

When exploited, the flaw can cause Adobe's software to crash, but it can also give attackers control of the computer, Adobe said.

The attacks are not yet widespread. Adobe has so far received two reports of online attacks. The first one came on Friday, according to company spokeswoman Wiebke Lips.

Trend Micro Researcher Paul Ferguson agreed that the attack is new, and does not appear to be widely used. "It may just be ramping up," he cautioned. "I just haven't seen anything so far."

Versions 8 of Adobe Reader and Acrobat are not vulnerable to the attack, Adobe said.

Adobe's free Reader software has become a favourite hacker target in the past few years. Attacks that involve malicious PDF files now make up about nearly 50 percent of all web-based attacks, according to Symantec.

See also:

PC security advice


IDG UK Sites

Apple promises developers better stability, performance for Swift

IDG UK Sites

5 things we hate about MWC: What it's like to be a journalist at a technology trade show

IDG UK Sites

Interview: Lauren Currie aims to help design students bridge skills gap

IDG UK Sites

12in Retina MacBook Air release date rumours: new MacBook Air to have fingerprint ID, could launch...