Flash Exploits on the Loose: Update Now


"Hopefully you noticed that earlier, Adobe issued multiple security
updates, which included an update for Adobe Flash Player by way of
APSB11-18. What you may not know is that the issue fixed by this update,
CVE-2011-2110, is being exploited in the wild on a fairly large scale.
In particular this exploit is showing up as a drive-by in several
legitimate websites, including those belonging to various NGOs,
aerospace companies, a Korean news site, an Indian Government website,
and a Taiwanese University. The links are also being used in targeted
spear phishing attacks designed to lure particular individuals into
clicking the links with hopes of compromising their machines. In case
there is any doubt at all, this is very bad. If you run a version of
Adobe Flash that is older than (or for Android),
then is is absolutely critical that you update your Flash Player."