Adobe Releases Critical Update for New Flash Security Vulnerability

Adobe has issued yet another critical security update for a zero-day vulnerability in its Flash Player. The company initially announced the exploit earlier this week and issued a security advisory.

Here’s the Adobe security bulletin summary for this latest patch which fixes 24 other issues, too:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.  Adobe is aware of a report that an exploit for CVE-2016-4117 exists in the wild. Please refer to APSA16-02 for additional details.

To make sure you have the latest secure version of Flash, head to the Adobe help page and follow the step-by-step instructions. Or, you can also check the version of Flash that’s running on your computer at the About Flash Player page.

Protect Your Computer from Flash Exploits

The best way to protect your computer from Flash is not to install it to begin with or to uninstall it. However, that isn’t a realistic option for millions of users. If uninstalling isn’t an option, we recommend you enable the Click-to-Play option in your browser(s). That will stop Flash ads from automatically rendering and help avoid an attack. Then, if you need to use Flash on a site, you can enable it yourself manually.

For detailed instruction on enabling the click-to-play feature in all browsers, as well as other helpful tips on avoiding Flash insecurities, read:

How to Protect Your Computer from Adobe Flash Exploits in Your Browser

If you’re a Mac user, read our article:

How to Protect Your Mac Against Adobe Flash Vulnerabilities

Also, always make sure your antivirus software is up-to-date. Whether you’re running Windows, Mac, Linux, or Chrome OS, always make sure your system’s operating system has the latest security updates as well.

These critical and emergency patches for security holes in Flash are becoming a monthly, sometimes weekly, event. This latest update comes after last month’s emergency patch against a Ransomware attack.