{"id":2900,"date":"2011-06-06T09:55:37","date_gmt":"2011-06-06T08:55:37","guid":{"rendered":"http:\/\/blog.intego.com\/?p=2900"},"modified":"2012-12-12T13:57:34","modified_gmt":"2012-12-12T21:57:34","slug":"adobe-updates-flash-for-critical-cross-scripting-vulnerability","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/","title":{"rendered":"Adobe Updates Flash for Critical Cross-Scripting Vulnerability"},"content":{"rendered":"<p>Adobe has issued an out-of-band update for Flash Player to patch a vulnerability that &#8220;could be used to take actions on a user&#8217;s behalf on any website or webmail provider, if the user visits a malicious website.&#8221; Adobe says that &#8220;There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message.&#8221;<\/p>\n<p>The new version of Flash Player is 10.3.181.22. Mac users can use the plug-in&#8217;s automatic updater for the first time. If you have installed the previous version of Flash, which we <a href=\"https:\/\/www.intego.com\/mac-security-blog\/flash-player-security-update-includes-new-privacy-and-security-features\/\">wrote about here<\/a>, you&#8217;ll now be able to <a href=\"https:\/\/www.intego.com\/mac-security-blog\/access-flash-player-preferences-more-easily\/\">access Flash Player preferences<\/a> from the System Preferences application. Updating can occur automatically, as you can see in the <b>Updates<\/b> section of the Flash Player preferences.<\/p>\n<p><img loading=\"lazy\" width=\"696\" height=\"639\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2011\/06\/flash-prefs.jpg\" alt=\"\" title=\"flash-prefs\"  class=\"aligncenter size-full wp-image-2901\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2011\/06\/flash-prefs.jpg 696w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2011\/06\/flash-prefs-300x275.jpg 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2011\/06\/flash-prefs-100x91.jpg 100w\" sizes=\"(max-width: 696px) 100vw, 696px\" \/><\/p>\n<p>However, we are still seeing the old version of Flash Player listed. Unfortunately, the <b>Check Now<\/b> button does not do what you might expect. Other applications will open a window as they check a remote server for an update. This merely sends you to an Adobe web page which tells you the current version of Flash installed on your Mac (which you knew already, because it&#8217;s displayed in the window). There is a link to the <a href=\"http:\/\/www.adobe.com\/go\/getflash\">Flash Player Download Center<\/a> where you can download and install the latest version of Flash Player.<\/p>\n<p>We&#8217;re planning to keep an eye on our preferences to see if and when the plug-in gets updated automatically during the day.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Adobe has issued an update to Flash Player for a vulnerability that is being exploited in the wild.<\/p>\n","protected":false},"author":3,"featured_media":1708,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[15,57,119],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Adobe has issued an update to Flash Player for a vulnerability that is being exploited in the wild.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Adobe Updates Flash for Critical Cross-Scripting Vulnerability - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Adobe has issued an update to Flash Player for a vulnerability that is being exploited in the wild.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2011-06-06T08:55:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2012-12-12T21:57:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/03\/flash.png\" \/>\n\t<meta property=\"og:image:width\" content=\"128\" \/>\n\t<meta property=\"og:image:height\" content=\"128\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/03\/flash.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/03\/flash.png\",\"width\":\"128\",\"height\":\"128\",\"caption\":\"Adobe Flash Player Security Update\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/\",\"name\":\"Adobe Updates Flash for Critical Cross-Scripting Vulnerability - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#primaryimage\"},\"datePublished\":\"2011-06-06T08:55:37+00:00\",\"dateModified\":\"2012-12-12T21:57:34+00:00\",\"description\":\"Adobe has issued an update to Flash Player for a vulnerability that is being exploited in the wild.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Adobe Updates Flash for Critical Cross-Scripting Vulnerability\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"Adobe Updates Flash for Critical Cross-Scripting Vulnerability\",\"datePublished\":\"2011-06-06T08:55:37+00:00\",\"dateModified\":\"2012-12-12T21:57:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#webpage\"},\"wordCount\":257,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/03\/flash.png\",\"keywords\":[\"Adobe\",\"Flash\",\"Security Update\"],\"articleSection\":[\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Adobe has issued an update to Flash Player for a vulnerability that is being exploited in the wild.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/","og_locale":"en_US","og_type":"article","og_title":"Adobe Updates Flash for Critical Cross-Scripting Vulnerability - The Mac Security Blog","og_description":"Adobe has issued an update to Flash Player for a vulnerability that is being exploited in the wild.","og_url":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/","og_site_name":"The Mac Security Blog","article_published_time":"2011-06-06T08:55:37+00:00","article_modified_time":"2012-12-12T21:57:34+00:00","og_image":[{"width":"128","height":"128","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/03\/flash.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/03\/flash.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/03\/flash.png","width":"128","height":"128","caption":"Adobe Flash Player Security Update"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/","name":"Adobe Updates Flash for Critical Cross-Scripting Vulnerability - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#primaryimage"},"datePublished":"2011-06-06T08:55:37+00:00","dateModified":"2012-12-12T21:57:34+00:00","description":"Adobe has issued an update to Flash Player for a vulnerability that is being exploited in the wild.","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Adobe Updates Flash for Critical Cross-Scripting Vulnerability"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"Adobe Updates Flash for Critical Cross-Scripting Vulnerability","datePublished":"2011-06-06T08:55:37+00:00","dateModified":"2012-12-12T21:57:34+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#webpage"},"wordCount":257,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/03\/flash.png","keywords":["Adobe","Flash","Security Update"],"articleSection":["Security &amp; Privacy"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/adobe-updates-flash-for-critical-cross-scripting-vulnerability\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/03\/flash.png","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-KM","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/2900"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=2900"}],"version-history":[{"count":0,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/2900\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/1708"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=2900"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=2900"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=2900"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}