“Adobe Systems has released a patch for two Flash player vulnerabilities that are being actively exploited online to surreptitiously install malware, one in attacks that target users of Apple’s Macintosh platform,” Dan Goodin reports for Ars Technica.
“While Flash versions for OS X and Windows are the only ones reported to be under attack, Thursday’s unscheduled release is available for Linux and Android devices as well,” Goodin reports. “Users of all affected operating systems should install the update as soon as possible.”
“The Mac exploits target users of the Safari browser included in Apple’s OS X, as well as those using Mozilla’s Firefox. That vulnerability, cataloged as CVE-2013-0634, is also being used in exploits that trick Windows users into opening booby-trapped Microsoft Word documents that contain malicious Flash content, Adobe said in an advisory,” Goodin reports. “The other bug under attack, CVE-2013-0633, also works by tricking Windows users into opening a Word document containing malicious Flash content.”
Read more in the full article here.
Explains the update. Is removal the best option?
Best to lance the boil…
Yes.
Unfortunately, there is still Flash content you may need/want to access. If so, try the Click2Flash extension; it blocks Flash until you click on it. (Like those Flash only videos MDN includes.)
Get it here:
http://hoyois.github.com/safariextensions/clicktoplugin/
(I couldn’t find it in the Apple website Extensions collection.)
What kind of loser puts Flash in a Word document? That’s a FAIL on its own.
Stupid adobe !! Its always get malicous attack and that why i refuse to put on my mac but some website required flash player !
Assdumb shithead Adobe. Flash is a total piece of dangerous crap, like that fuckup in the White House.
I think you are trying to say that: Adobe is a poor excuse for a software company. FLASH is dangerous software and you are a redneck Republican.
Did I get it right?
I think missed a bit — FLASH is dangerous software and you are a 14-year-old, redneck Republican.
I removed Flash over a year ago. If I want to see Flash on a website, I view it in Chrome, which has Flash built in.
The problem with that approach is that Chrome is from Google.
‘Nuff said.
@ste
http://daringfireball.net/2010/11/flash_free_and_cheating_with_google_chrome
I must have set Flash to silently update in the background, because I already have the latest version in OS X Firefox.
Safari just popped up and asked me to do the update, I declined and now most of the ads on this site say blocked plug in. I am thinking maybe I’ll leave it turned off.