Adobe Issues Patch For Flash Player Flaw

Bug involves a cross-site scripting vulnerability
Adobe on Sunday released an emergency update for its Adobe Flash Player browser plug-in. The fix addresses a zero-day vulnerability that it publicly disclosed for the first time Friday.

The bug involves a cross-site scripting vulnerability, which "could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website," said Adobe. It rates the Flash vulnerability as "important," meaning that if exploited, the bug "would compromise data security, potentially allowing access to confidential data, or could compromise processing resources in a user's computer."

Read the full article here.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.