Adobe has released a Critical security alert on a serious vulnerability exploitation via emails on Adobe Flash Player version 10.2.153.1 and earlier versions for Windows, Mac, Linux and Solaris operating systems, version 10.2.154.25 and earlier for Chrome users and 10.2.156.12 and earlier for Android users. According to Adobe, a critical security alert means “A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware.” Click here for information on various alert ratings from Adobe.
According to Adobe, this vulnerability is exploited through Flash file (*.swf) embedded inside a Microsoft Word file (*.doc) delivered as an email attachment mainly targeting Windows users. However, the method of attack may change. This vulnerability can cause serious issues like system crash and can allow an attacker to take control of the affected system and use as zombie machine for malicious activities without the user’s knowledge. At this point, Adobe has no information about this sort of attack targeting other products such as Adobe PDF Reader and Acrobat. Though, according to US Computer Emergency Readiness Team, the vulnerability is found on Adobe PDF Reader and Acrobat as well.
Adobe is still in the process of delivering a software update to mitigate the issue with Flash Player for Windows, Linux, Solaris, Chrome, Android and Mac operating systems. As of now, users have to be cautious when opening email attachments (from anyone, be it friends or someone you’ve no idea about. You may “Win” millions of $ through some lottery or some “generous” souls out there want to give away millions, PLEASE DO NOT CLICK on such phishing emails. Read more about phishing here) to mitigate the issue as anti-virus programs are not yet able to detect the vulnerability.
Read security tips on email attachments here from US Computer Emergency Readiness Team (CERT).
Do you find this information useful? Share it with your friends on Facebook, Google+ or Twitter or your other Social Media. You can also follow me on Twitter @sarayoo.info or Google+ or Like me on my Facebook or on my LinkedIn for regular updates, technology tips and tricks, iPhone, iPad, other iOS devices tips, iOS App Deals, Blogging tips, etc. Please leave your comments in the comment section or contact me if you have any other questions.