If you still have Adobe Flash Player installed on your Mac, PC, or Linux machine, you’d best be advised of a new Adobe security bulletin about another security issue with the Flash Player plug-in, version 184.108.40.206 and earlier.
A critical vulnerability (CVE-2015-7645) has been identified in Adobe Flash Player 220.127.116.11 and earlier versions for Windows, Macintosh and Linux. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.
Adobe is aware of a report that an exploit for this vulnerability is being used in limited, targeted attacks. Adobe expects to make an update available during the week of October 19.
Adobe denotes the exploit as critical, which is the highest level on its Severity Rating System. A critical vulnerability is: “A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware.”
Affected Software Versions Are:
- Adobe Flash Player 18.104.22.168 and earlier versions for Windows and Macintosh
- Adobe Flash Player Extended Support Release version 22.214.171.124 and earlier 18.x versions
- Adobe Flash Player 126.96.36.1995 and earlier 11.x versions for Linux
To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select “About Adobe (or Macromedia) Flash Player” from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.