Adobe has published a security bulletin regarding today’s update to Adobe Flash Player. The exploit is reportedly being used in the wild, targeting Flash Player in Internet Explorer on Windows. The attack comes through a malicious file attached to an email.
These updates address an object confusion vulnerability (CVE-2012-0779) that could cause the application to crash and potentially allow an attacker to take control of the affected system.
Despite the limited target with this particular exploit, Adobe Flash Player has been updated for Windows, Mac, Linux, and Android platforms. Google Chrome’s integrated Flash Player has already been updated.
It is recommended that users update to Adobe Flash Player 11.2.202.235, with a highest priority on Windows computers.