{"id":22275,"date":"2014-02-24T15:32:42","date_gmt":"2014-02-24T23:32:42","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=22275"},"modified":"2016-10-06T12:38:37","modified_gmt":"2016-10-06T19:38:37","slug":"adobe-patches-three-flaws-with-flash-player-update","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/adobe-patches-three-flaws-with-flash-player-update\/","title":{"rendered":"Adobe Patches Three Flaws with Flash Player Update"},"content":{"rendered":"

\"adobe-patched-header\"<\/a>Last week, Adobe released a Flash Player update for Mac and other operating systems, updating the software to version 12.0.0.70. This update addresses three critical flaws that could potentially allow an attacker to remotely take control of the affected system; an exploit for CVE-2014-0502 exists in the wild.<\/p>\n

Affected software versions include: Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.336 and earlier versions for Linux.<\/p>\n

The Adobe Product Security Incident Response Team warned<\/a> of a critical vulnerability, resolved in this update, which exists in the wild:<\/p>\n

Adobe is aware of reports that an exploit for CVE-2014-0502 exists in the wild, and recommends users update their product installations to the latest versions using the instructions referenced in the security bulletin.<\/p><\/blockquote>\n

Graham Cluley on his blog<\/a> noted a connection between the critical flaw and some sites that were compromised recently.<\/p>\n

Cluley warned:<\/p>\n

Anyone who has visited these websites in recent weeks is at a high risk of having had their computers infected, and the potential for data on their PCs to have been stolen.<\/p><\/blockquote>\n

Adobe\u2019s security bulletin (APSB14-07<\/a>) describes the three flaws patched in this update as follows:<\/p>\n