{"id":10963,"date":"2013-02-26T14:39:22","date_gmt":"2013-02-26T22:39:22","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=10963"},"modified":"2016-10-06T12:29:07","modified_gmt":"2016-10-06T19:29:07","slug":"adobe-squashes-two-exploits-in-the-wild-designed-to-target-firefox","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/adobe-squashes-two-exploits-in-the-wild-designed-to-target-firefox\/","title":{"rendered":"Adobe Squashes Two Exploits \u2018In the Wild\u2019 Designed to Target Firefox"},"content":{"rendered":"

\"Adobe<\/a>In response to reports that two Flash Player vulnerabilities are being exploited in the wild in attacks designed to target the Firefox browser, Adobe has released new security updates for its software. These updates are for Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh, and address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.<\/p>\n

In addition to resolving the two vulnerabilities being exploited in the wild, Adobe also resolved \u201ca buffer overflow vulnerability in a Flash Player broken service, which can be used to execute malicious code.\u201d These updates were posted under Adobe\u2019s sixth security bulletin for February (APSB13-08<\/a>) and should conclude what has been a busy month for the software company\u2019s security team. Adobe recommends that all Mac users update to Adobe Flash Player 11.6.602.171 immediately. Flash Player versions for other operating systems have also been updated.<\/p>\n

In Adobe\u2019s security bulletin, the company posted a brief description of the vulnerabilities being exploited in the wild:<\/p>\n

Adobe is aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick the user into clicking a link which directs to a website serving malicious Flash (SWF) content.\u00a0 The exploit for CVE-2013-0643 and CVE-2013-0648 is designed to target the Firefox browser.<\/p><\/blockquote>\n

Following are details of the three vulnerabilities covered in this Flash update:<\/p>\n