Tuesday, April 12, 2011

Adobe: Zero-day attacks targeting Flash Player hole

Adobe today warned of a critical hole in Flash Player that is being exploited in the wild to take control of computers or cause them to crash.

"There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment, targeting the Windows platform," the company said in an advisory. "At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing."

No comments: