It's that time again... time to update Flash Player because another new security bug has been found, and it's a doozy. Google engineer, Michele Spagnuolo found a Flash exploit that lets the bad guys to steal cookies and user data using malicious .SWF files. This vulnerability can help hackers “take control” of computers when users visit various sites.
The exploit is called Rosetta Flash, and some of the major companies like Microsoft, Google, Instagram, eBay, Twitter and more have ben scrambling to fix the leak. Of these, Google, Tumblr and Twitter have already dealt with the issue on their sites. Adobe issued a statement and here is a summary from it,
Adobe has released security updates for Adobe Flash Player 14.0.0.125 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.378 and earlier versions for Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system.
With so many security flaws, it's amazing the entire web hasn't already dumped Flash in favor of the more secure HTML5. What do you think?
Source: Adobe