Skip to main content

Adobe Plugs Yet Another Cross-Site Scripting Hole In Flash Player

Adobe has released an emergency update which fixes a cortical vulnerability in it Flash Player software.

The flaw, which affects all versions of the multi-platform media player browser plug-in could allow cross-site scripting (XSS) attacks which can allow access to a host computer by tricking users into visiting a maliciously-crafted web site or opening a poisoned email.

All users on Windows, Mac, Linux and Solaris operating systems with version or older should download the new version as a matter of urgency as exploits for the flaw have already been spotted in the wild according to thinq_

Adobe says it is currently working on a fix for the Android version of Flash Player which should be ready for release some time this week.