New Flash flaw could let attackers control Macs, Adobe urges users to update

Posted:
in General Discussion edited May 2014
Adobe on Monday disclosed a new vulnerability in its Flash platform that may allow attackers to remotely take over and control Macs, PCs, and Linux machines and advised users to update their system as quickly as possible.

Flash


The bug affects Flash Player 13.0.0.201 and earlier on the Mac, Flash Player 13.0.0.182 and earlier on Windows, and Flash Player 11.2.202.350 and earlier on Linux. Adobe says that attacks exploiting this flaw have been discovered "in the wild," so users are strongly urged to apply the latest updates sooner than later.

Mac owners and those on Windows-based PCs should update to Flash Player 13.0.0.206, while users running Linux should update to Flash Player 11.2.202.356. Those using the versions of Flash installed alongside Google's Chrome browser or Microsoft's Internet Explorer 10 and 11 will receive updates automatically.

According to security firm Kaspersky Lab, the vulnerability -- which received CVE number 2014-0515 -- is "located in the Pixel Bender component, designed for video and image processing." Exploits seen in the field using this bug are somewhat unique, using slightly different code depending on the operating system being targeted.

This is the second remote execution bug to crop up in Flash this year. A similar flaw surfaced in February, also affecting all platforms.

Users can check the version of Flash installed on their system by visiting Adobe's About Flash Player page or right-clicking on Flash content in their browser and choosing "About Adobe (or Macromedia) Flash Player" from the contextual menu.
«13

Comments

  • Reply 1 of 60
    slurpyslurpy Posts: 5,118member

    Has there been a single week without a critical flash flaw? It seems like I get a warning every couple days on my PC. Why the **** isn't this technology dead yet? It's been long enough. Any website that still relies on flash for video, etc does not even deserve to exist, when most are accessing the web through mobile now. Half the sites I visit still say "missing plugin" for video on mobile devices. Disgusting. 

  • Reply 2 of 60
    Flash 13 didn't even work on my Mac, I couldn't use ANY Flash content. I had to downgrade to 12. They want me to update to 13 again? No thanks.

    Cant wait for Flash to die off entirely.
  • Reply 3 of 60
    hydrhydr Posts: 146member

    Who uses Flash anyway?

  • Reply 4 of 60
    ceek74ceek74 Posts: 323member

    Strange.  A[nother] security vulnerability in Flash.  Didn't see that coming.

  • Reply 5 of 60
    maestro64maestro64 Posts: 4,519member
    Not sure how a video player and web player can allow someone to control access to your computer. Adobe must employ some of the worst programmers. Then again Adobe is not in the top paying in the valley and it shows in their products.
  • Reply 6 of 60
    jkichlinejkichline Posts: 1,332member

    Is it just me, or does the Flash logo look like a sore, oozing, infected rectum to anyone else? Because that's what your computer feels like after you install this plugin. Well, that and Adobe PDF Reader together. You want hackers and viruses to have their way with your computer, just add Adobe.

  • Reply 7 of 60
    stevenozstevenoz Posts: 225member

    Like so much about Adobe these days... another reason to look for a light on the horizon to signal an alternative route, away from Adobe.

     

    HTML5 in this case.

     

    And don't get me started on the rental-only Adobe CC, which I think is an insult to previous users of their software products.

     

    The new features are getting fewer and fewer, so Adobe knows you may not buy their very-expensive software again soon. They've decided to charge you monthly for the privilege making your digital designs, whatever they are. Then their bottom line won't suffer when their technical progress is slow.

     

    I kinda wish Apple would buy Adobe, since many of their users always have been Mac users, and make their software free when you buy a Mac.

     

    Then someone else would not have to make another Creative Suite from scratch for us to buy, not rent.

  • Reply 8 of 60
    Quote:

    Originally Posted by hydr View Post

     

    Who uses Flash anyway?


    Some of us can't avoid it at work unfortunately.... it sucks.

     

    Ugh. Not again.

  • Reply 9 of 60
    What is Flash and how does this affect my iPhone and iPad?? ;-)
  • Reply 10 of 60

    Flash needs to die.

  • Reply 11 of 60
    stevenozstevenoz Posts: 225member
    Quote:
    Originally Posted by pikester View Post



    ...how does this affect my iPhone and iPad?? ;-)



    It doesn't. Steve Jobs, bless his heart, wouldn't allow Adobe Flash on his mobile devices.

  • Reply 12 of 60
    chandra69chandra69 Posts: 638member

    STEVE did a great job by injecting a virus to the FLASH virus. 

  • Reply 13 of 60
    disturbiadisturbia Posts: 563member

    5+ years and counting .... living my digital life without these 2 piece of craps:

     

    1. Adobe Flash (and other garbage they sell!)

    2. F****ng JAVA!

     

    They don't die though because of Ads ... Ads ... god damn google and more Ads!

  • Reply 14 of 60
    danielswdanielsw Posts: 905member
    Quote:

    Originally Posted by stevenoz View Post

     

    Like so much about Adobe these days... another reason to look for a light on the horizon to signal an alternative route, away from Adobe.

     

    HTML5 in this case.

     

    And don't get me started on the rental-only Adobe CC, which I think is an insult to previous users of their software products.

     

    The new features are getting fewer and fewer, so Adobe knows you may not buy their very-expensive software again soon. They've decided to charge you monthly for the privilege making your digital designs, whatever they are. Then their bottom line won't suffer when their technical progress is slow.

     

    I kinda wish Apple would buy Adobe, since many of their users always have been Mac users, and make their software free when you buy a Mac.

     

    Then someone else would not have to make another Creative Suite from scratch for us to buy, not rent.


    The update was quick and easy to install.

     

    You complainers should spend less time complaining and more time working so you could better afford Adobe's products.

     

    We think CC is much better than the old business model, and $50/mo is easy to handle for all the great tools we now have access to.

  • Reply 15 of 60
    stevenoz wrote: »
    Like so much about Adobe these days... another reason to look for a light on the horizon to signal an alternative route, away from Adobe.

    HTML5 in this case.

    And don't get me started on the rental-only Adobe CC, which I think is an insult to previous users of their software products.

    The new features are getting fewer and fewer, so Adobe knows you may not buy their very-expensive software again soon. They've decided to charge you monthly for the privilege making your digital designs, whatever they are. Then their bottom line won't suffer when their technical progress is slow.

    I kinda wish Apple would buy Adobe, since many of their users always have been Mac users, and make their software free when you buy a Mac.

    Then someone else would not have to make another Creative Suite from scratch for us to buy, not rent.

    This is a great idea! I'm sure most wouldn't mind paying a bit more for a computer that had the Adobe CS built-in to it. I know I wouldn't mind it at all and it would be worth a little more of my money on the front end to save all the back end hastles of installation and updates.
  • Reply 16 of 60
    tallest skiltallest skil Posts: 43,399member
    Originally Posted by Disturbia View Post

    They don't die though because of Ads ... Ads ... god damn google and more Ads!


     

    Couldn’t find an animated version…

  • Reply 17 of 60
    alruialrui Posts: 29member

    To bad the pukes at Adobe ont support older Mac OS (10.5.8). They shove the lousy player down our throats and then refuse to support older OS's when a security flaw is found. I think its total BS!

  • Reply 18 of 60
    pdq2pdq2 Posts: 270member

    "Flash"?

     

    What's that?

  • Reply 19 of 60
    danielsw wrote: »
    The update was quick and easy to install.

    You complainers should spend less time complaining and more time working so you could better afford Adobe's products.

    We think CC is much better than the old business model, and $50/mo is easy to handle for all the great tools we now have access to.

    Sounds like someone needs to get off of their high horse. I agree with you about the subscription model being better long term for users (50 month is better than coughing up over 2 grand at one pop).

    Adobe needs to put Flash in the trash. I block all flash on my home Mac and it is an annoying advertising-only tool that uses resources for nothing. Who cares if the constant updates only take a few minutes. Flash is 90's tech used to annoy people.
  • Reply 20 of 60
    jungmarkjungmark Posts: 6,679member
    Maybe if Adobe just open sourced Flash, it would be more secure. Haha.

    Another day, another Flash bug.
Sign In or Register to comment.