Adobe released an emergency update to its Flash Player today that patches up a few security holes discovered in its system. Hackers were using the security holes in Adobe’s Flash Player to launch attacks solely at Firefox users. A security bulletin released by Adobe stated, “These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.”
Adobe stated that the two Common Vulnerabilities and Exposures (CVE) were labeled CVE-2013-0643 and CVE-2013-0648. They were targeted by hackers and used to trick users into clicking on links that redirected the user to a website carrying malicious Flash content. What's strange is that these two CVE’s were designed specifically to target only the Firefox browser, and no other web browser.
This security exploit comes only a few weeks after Adobe's last security exploit. On February 8th, hackers exploited a couple of security flaws in the Adobe Flash Player that allowed them to hijack users' computers. In one scenario, users were sent Microsoft Word documents that when opened, would unleash malware on the user's computer. In the other, users were, like this recent exploit, tricked into opening a link that brought them to a website with malicious flash content.
Adobe wasn't the only company to suffer from these malicious attacks. Oracle also had to distribute a few emergency updates of its own for Java recently when hackers exploited the bugs contained in the software. For those of you who have not yet received the update, you can get it through this link. Hopefully this ceases the malicious activity for a while.