Adobe has announced a new vulnerability in its Flash platform that allows attackers to remotely take over and control your Mac, PC, or Linux computer. The company advises users to update their system as soon as possible.
The bug affects Flash Player 184.108.40.206 and earlier on the Mac, Flash Player 220.127.116.11 and earlier on Windows, and Flash Player 18.104.22.1680 and earlier on Linux. Adobe says that attacks exploiting this flaw have been discovered “in the wild,” and it strongly encourages users to apply the latest updates immediately.
Mac and Windows PC owners should update to Flash Player 22.214.171.124, while users running Linux should update to Flash Player 126.96.36.1996. Versions of Flash installed alongside Google’s Chrome browser or Microsoft’s Internet Explorer 10 and 11 will receive updates automatically.
Security firm Kaspersky Lab says the vulnerability — which received CVE number 2014-0515 — is “located in the Pixel Bender component, designed for video and image processing.”
The bug is the second of the remote execution type to pop up in Flash this year. A similar flaw that also affected all platforms, appeared in February.
You can check which version of Flash you have installed on your computer by visiting Adobe’s About Flash Player page or right-clicking on Flash content in their browser and choosing “About Adobe (or Macromedia) Flash Player” from the contextual menu.