We’re all aware of the need to run updates on our software to stay secure. But last month you may have had to run more than usual, with three security patches released for Adobe Flash Player in February.
Last month, Adobe advised customers to protect their PCs against “targeted attacks” by issuing three separate security updates for Flash Player.
Bearing in mind February is the shortest month, the number of patches seemed rather high. The vulnerabilities Adobe identified were said to target machines irrespective of the operating system – so whether Windows, OS X or Linux is installed, you’re still likely to be under threat.
Users being tricked
In the executive summary released by the company, Adobe stated that it was “aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick the user into clicking a link which directs to a website serving malicious Flash (SWF) content.”
Adobe Reader also attacked
Additionally, a major vulnerability was detected in Adobe Reader. The company released a patch on 20th February, just eight days after the threat had been found. The swift response reflected the Priority 1 status Adobe had attached to it – this was due to the vulnerability not just being recognised but already exploited for Windows and Mac. For Linux users, it attributed a Priority 2 status since exploits were not yet known.
How to run these updates?
Those using IE 10 or Chrome for Windows 8 are the lucky ones – your Adobe Flash software should update itself automatically. Also, if you’re already instructed Adobe Flash to run updates, you’ll be covered. Other users will be prompted to run updates as they are released and should follow the instructions provided.
The latest version of Adobe Reader can be downloaded from the Adobe website.
How to check what versions of Adobe I am running?
To check which version of Flash you are running you can visit this site: http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html
[alert color=”blue”] As this article went to press, the current version of Flash was 11.6.602.171 – or 126.96.36.1993 for Linux users. [/alert]
To check which version of Adobe Reader you have installed:
1) Open up Adobe Reader.
2) Click “Help” on the menu, and then click on “About Adobe Reader”.
3) The text will state what version is running.
At the time of writing, 11.0 was the latest version.
How quickly should you act?
Adobe’s advice to its users is to run updates for Priority 1 case as soon as possible – preferably within three days. For Priority 2 cases, fast action is not as imperative – within a month will suffice.