If you are a user of Adobe Flash, be sure to apply the latest security update if you want to avoid becoming part of an in-the-wild attack exploiting a vulnerability which currently seems to be exploiting users of Internet Explorer on the Windows platform only. Adobe has, however, issued an emergency security patch for Android, Linux and Mac users as well as those with Windows which kind of suggests it could be indicative of a wider problem with the software.
Adobe is recommending that any users of Flash Player v11.2.202.233 and earlier for Windows, Mac and Linux should update to v11.2.202.235 and Android 4.x users of v11.1.115.7 and earlier should update to 11.1.115.8, Android 3.x users of 11.1.111.8 should move to 11.1.111.9 while those users with the Google Chrome installed Flash Player need do nothing as the update will have been applied automatically.
The Adobe Security Bulletin (APSB12-09) is determined as being critical, with the object confusion vulnerability (CVE-2012-0779) being actively exploited in the wild as I write. The exploit will arrive in the form of an email with attachment, and infection can only occur if the user clicks on that attached file to execute it. Once again, it's a message to all those who have itchy link-clicking fingers not to blindly think everything you get sent in the mail is OK to look at.
Windows users who opted in to the recently introduced silent update feature will have been protected by the security update as soon as it was made available and need do nothing further in order to protect all web browser clients installed on their system.
Adobe advise users who are confused about which version of Flash they are currently running to access the 'About Flash Player' page or right-click on any content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. A check which will have to be applied for every browser you have installed if you have not applied that silent update feature on Windows.
