“A well-known vulnerability in Adobe’s Flash player that could allow malicious users to steal browser data — including cookies — on Macs, PCs, and Linux machines has been exploited for the first time, prompting Adobe to issue a patch and urge users to upgrade their system as soon as possible,” Sam Oliver reports for AppleInsider.
“Adobe says that Flash Player version 22.214.171.124 and earlier for Mac and Windows and version 126.96.36.1998 and earlier for Linux suffer from the bug, which was exploited in a proof-of-concept by Google engineer Michele Spagnuolo,” Oliver reports. “Mac and Windows users should update to version 188.8.131.52 while Linux users should update to version 184.108.40.2064.”
Oliver reports, “In addition to the end-user mitigation, website owners can patch the vulnerability — assigned CVE identifier CVE-2014-4671 — on their end with one of a number of fixes identified by Spagnuolo.”
Read more in the full article here.
[Thanks to MacDailyNews Readers “Fred Mertz” and “Lynn Weiler” for the heads up.]