A critical vulnerability in Adobe's (NASDAQ: ADBE) Flash Player is being actively exploited in the wild, warned Adobe Systems. In the terse advisory released on Monday that gave scant details beyond the bare facts, the company noted that "This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system." Steven Adair of the Shadowserver Foundation was credited with reporting the vulnerability.

According to the security advisory, all editions of Flash Player 10.1.82.76 are affected, which includes Windows, Macintosh, Linux, Solaris and Android platforms. All in all, things aren't looking too good for Adobe, in spite of stepped-up efforts to bolster its security record. As noted by Computerworld, this marks the second consecutive quarter that Adobe was forced to abandon its usual patch schedule in reaction to serious attacks that leverage newly discovered flaws in its software.

For now, users are strongly advised to install a good antivirus product and ensure that its definitions are up-to-date, though it is probably a worth-while idea for Mozilla Firefox users to block Flash altogether using the NoScript add-on. Adobe says it will patch Flash in two weeks, while another Flash-related flaw in Reader will be fixed in three weeks.

For more on this story:
- check out this article at Computerworld
- check out this article at The Register

Related Articles:
Researcher: Adobe patch does not fully resolve critical vulnerability
Adobe warns vulnerability could crash systems
Adobe apologizes for 16-month-old Flash bug
Adobe ranks second on buggiest software list