Today, a Security Bulletin (APSB12-09) has been posted to address a critical security issue in Adobe Flash Player 18.104.22.168 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 22.214.171.124 and earlier versions for Android 4.x, and Adobe Flash Player 126.96.36.199 and earlier versions for Android 3.x and 2.x. Adobe recommends users apply the updates for their product installations. There are reports that the object confusion vulnerability (CVE-2012-0779) addressed in this update is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message. The exploit targets Flash Player on Internet Explorer for Windows only.
This posting is provided “AS IS” with no warranties and confers no rights.