Adobe expects to fix a critical Flash Player vulnerability today, a week before it had planned to issue a patch.
Alarm bells were ringing last week when reports emerged the flaw was being actively exploited in the wild against Adobe Flash on Windows.
An update for Flash on the Windows, Macintosh, Linux, Solaris and Android operating systems is now due to be issued today.
Google Chrome users can already protect themselves by updating to version 6.0.472.62 of the browser.
The same vulnerability exists in Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, as well as Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh.
Adobe said it expects to fix the problem in those software models during the week starting 4 October, although it has not been made aware of any attacks exploiting the vulnerability in Reader or Acrobat.
Chester Wisniewski, senior security advisor at Sophos Canada, said Adobe had most likely moved the update forward because the vulnerability had been exploited in the wild.
"Stay tuned for information on the upcoming Adobe fixes. They will be very high priority and I recommend planning your deployment of these fixes as soon as possible," Wisniewski added in a blog post.
-
GitHub just launched a new 'mission control center' for developers to delegate tasks to AI coding agentsNews The new pop-up tool from GitHub means developers need not "break their flow" to hand tasks to AI agents
-
The Allianz Life data breach just took a huge turn for the worseNews Around 1.1 million Allianz Life customers are believed to have been impacted in a recent data breach, making up the vast majority of the insurer's North American customers.
-
Flaw in Lenovo’s customer service AI chatbot could let hackers run malicious code, breach networksNews Hackers abusing the Lenovo flaw could inject malicious code with just a single prompt
-
Industry welcomes the NCSC’s new Vulnerability Research Initiative – but does it go far enough?News The cybersecurity agency will work with external researchers to uncover potential security holes in hardware and software
-
Ransomware victims are getting better at haggling with hackersNews While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
Hackers are targeting Ivanti VPN users again – here’s what you need to knowNews Ivanti has re-patched a security flaw in its Connect Secure VPN appliances that's been exploited by a China-linked espionage group since at least the middle of March.
-
Broadcom issues urgent alert over three VMware zero-daysNews The firm says it has information to suggest all three are being exploited in the wild
-
Nakivo backup flaw still present on some systems months after firms’ ‘silent patch’, researchers claimNews Over 200 vulnerable Nakivo backup instances have been identified months after the firm silently patched a security flaw.
-
Everything you need to know about the Microsoft Power Pages vulnerabilityNews A severe Microsoft Power Pages vulnerability has been fixed after cyber criminals were found to have been exploiting unpatched systems in the wild.
-
Vulnerability management complexity is leaving enterprises at serious riskNews Fragmented data and siloed processes mean remediation is taking too long
