A security statement, released last Wednesday Adobe Systems, urged users to install the latest version of Flash Player after hackers started exploiting a vulnerability in its code. This patch is the second update released to address a vulnerability by Adobe this month.
The exploit, registered as CVE-2016-7855, could allow potential infiltrators to access users’ computers remotely. The bulletin stated the company identified the flaw after receiving reports of attacks suffered by computers running Windows 7, 8.1, and 10.
This flaw is Priority 1, which puts it on the same level as a zero-day exploit. Adobe’s security website suggest users installing the software updates within 72 hours to effectively counter these types of breaches.
Adobe released patches for OSX, Linux, and Chrome OS as well, even though initial reports only named Windows as a victim.
Which Flash Player versions are vulnerable?
Though Adobe did not release any additional information on the nature of the vulnerability or the way hackers can access a computer through it, it did name the different version of Flash Player that contain the flaw.
If a computer runs Flash Player (version 23.0.0.185 or earlier) installed on their computer, Google Chrome, Microsoft Edge, or Internet Explorer 11, they could be affected, according to the report.
Users running Flash Player for Linux (version 11.2.202.637 and earlier) are also at risk.
How do I check my Flash Player version?
Flash Player’s official Help website is the best way to check and update the Flash Player software. After accessing it, users must click on ‘Check Now’ to see which version of the program currently runs on their computer. This method works for any OS.
The website indicates Google Chrome includes Adobe Flash Player by default and that the browser updates it automatically.
However, Adobe suggests people checking on their Flash Player versions manually and looking for new updates regardless the browser they use.
Users should upgrade to version 23.0.0.205 or 11.2.202.643 (Linux) to receive the patch and protect themselves. To install the latest software, they must access the Adobe’s Download page.
Should I disable Adobe Flash Player?
Security concerns have prompted many users to uninstall or turn off the software entirely to prevent information theft. This move is also useful to prevent hacking, as most websites currently use HTML5 which can do everything Flash Player does and more.
- Google Chrome: in the ‘Plugins’ section (chrome://plugins), scroll down to the Adobe Flash Player plugin and click ‘Disable.’
- Firefox: Click on the main menu marked by the three horizontal lines and choose the ‘Add-ons’ option. Then click on ‘Plugins’ at the left panel, choose ‘Shockwave Flash,’ and select ‘Never Activate.’
- Safari: In the top Menu Bar select ‘Preferences,’ then ‘Security,’ then ‘Internet Plug-ins: Website Settings.’ Select Flash Player from the left side menu and click on ‘Block’ at the option ‘When visiting other websites.’
Source: Adobe