Today, a Security Bulletin (APSB11-26) has been posted to address critical security issues in Adobe Flash Player. This Security Bulletin affects Flash Player 10.3.183.7 and earlier versions for Windows, Macintosh, Linux and Solaris, and Flash Player 10.3.186.6 for Android. There are reports that one of these vulnerabilities (CVE-2011-2444) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message. This universal cross-site scripting issue could be used to take actions on a user’s behalf on any website or webmail provider if the user visits a malicious website. Adobe recommends users apply the updates for their product installations.
This posting is provided “AS IS” with no warranties and confers no rights.