Flash Player exploit found on Internet Explorer fixed in patch

If you use Flash Player a lot on your Windows PC, specifically with your Internet Explorer web browser, you will definitely want to update to the latest version as soon as possible. Adobe has announced that it has released a new security update for Flash Player. While the update has been launched for Windows, Mac, Linux and Android versions, the main target is users of Windows and Internet Explorer.

Adobe states in its update bulletin:

These updates address an object confusion vulnerability (CVE-2012-0779) that could cause the application to crash and potentially allow an attacker to take control of the affected system. There are reports that the vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message. The exploit targets Flash Player on Internet Explorer for Windows only.

The update should be downloaded and installed if you have Flash Player 11.2.202.233 and earlier on Windows, Mac, and Linux ports, along with versions 11.1.115.7 or earlier on Android 4.x and versions 11.1.111.8 on Android 3.x and 2.x. Ars Technica also suggests that Mac users quickly update to the new version even though the exploit seems to be targeting Windows users at the moment.

Report a problem with article
Previous Story

Final Diablo III video dev diary talks about game's future

Next Story

Has Microsoft forgotten what Metro's all about?

12 Comments

Commenting is disabled on this article.

cork1958 said,
Sure wish this app wasn't almost a necessity as I'd dump it in a heartbeat otherwise.

Is there such thing as flashblock for IE any where?

Why not just use the Adobe site to check flash version?
http://www.adobe.com/software/flash/about/

What exactly does flashblock do? I mean does it disable the plugin, if so how can you watch Youtube videos etc?

alwaysonacoffebreak said,

What exactly does flashblock do? I mean does it disable the plugin, if so how can you watch Youtube videos etc?

By default Flash is set to run on all sites in IE. But you can got to Tools > Manage Addons > Toolbars and Extensions > Shockwave Flash Object and then More Information in the bottom window. In that window there will be a (*) because all websites are allowed. If you select remove all sites you'll get the yellow info bar anytime a site wants to run Flash. If you choose Run Addon it'll be added to the list of allowed sites. If it's just a flash ad or something not important either ignore the bar or hit the X to just close it.

simplezz said,
Where's NetAvenger and his claim that IE and Windows are the most secure browser and OS ever invented now? Ha!

He wont be here because this is a flash exploit, not a windows exploit.

God, IE is the most unsafe browser out there, I'm just denying the fact that it's an Flash player exploit and keep flaming IE /s

alwaysonacoffebreak said,
God, IE is the most unsafe browser out there, I'm just denying the fact that it's an Flash player exploit and keep flaming IE /s

haha, was just about to jump right in there, why you (shakes fist)