Adobe published security updates for the critical vulnerabilities on Tuesday. The most severe vulnerability, CVE-2012-1535, affects Adobe Flash Player 11.3.300.270 for Windows, Macintosh and Linux, and its earlier versions. It allows attackers to remotely control a computer and is being exploited in the wild in "limited targeted attacks", Adobe said in a security advisory.
The vulnerability is being distributed via malicious Microsoft Word documents and targets the ActiveX version of Flash Player for Internet Explorer on Windows systems. Adobe did not specify which version(s) of IE the exploit affects.
Adobe plugs critical Flash, Reader and Acrobat vulnerabilities
Posted on Wednesday, August 15 2012 @ 21:41 CEST by Thomas De Maesschalck