Adobe has released a new version, 18.104.22.168, of its Flash Player for Mac OS X, Windows, Linux, and Solaris. The new version fixes seven identified security vulnerabilities, one of which (a cross-site scripting bug) is currently being exploited. There is also a corresponding new version of FlashPlayer for Android. Adobe reports that the following versions of the software are affected by these vulnerabilities:
- Adobe Flash Player 22.214.171.124 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 126.96.36.199 and earlier versions for Android 4.x, and Adobe Flash Player 188.8.131.52 and earlier versions for Android 3.x and 2.x
Further details are available in the Security Bulletin [APSB12-03].
The new version for Windows, Mac OS X, Linux, and Solaris can be downloaded here. (Windows users should note that they may need two updates: one for Internet Explorer, and one for all other browsers.) Android user can get the new version from the Android Marketplace.
Because Flash Player is very widely installed, across multiple platforms, it is an attractive target for the maliciously inclined. I recommend that you update your system as soon as you conveniently can.