Adobe has issued a “Critical” security update addressing 7 vulnerabilities, one of which is currently being exploited. One is a cross scripting vulnerability and six allow infection via crafted web pages.

“The cross site scripting attack is basically aimed at Internet Explorer on Windows systems, tricking users to click on malicious links. Adobe says the vulnerability “could be used to take actions on a user’s behalf on any website or webmail provider, if the user visits a malicious website”.  Adobe highly recommends its users to update their Adobe Flash Player to the newest version 11.1.102.62 by downloading it from the Adobe Flash Player Download Center.” - http://techie-buzz.com/online-security/adobe-releases-critical-security-update-for-flash-player.html

Just a quickie.

Source:

http://techie-buzz.com/online-security/adobe-releases-critical-security-update-for-flash-player.html

Here’s the complete list of updates in the new version of Flash Player -

• This update resolves a memory corruption vulnerability that could lead to code execution (Windows ActiveX control only) (CVE-2012-0751).
• This update resolves a type confusion memory corruption vulnerability that could lead to code execution (CVE-2012-0752).
• This update resolves an MP4 parsing memory corruption vulnerability that could lead to code execution (CVE-2012-0753).
• This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2012-0754).
• This update resolves a security bypass vulnerability that could lead to code execution (CVE-2012-0755).
• This update resolves a security bypass vulnerability that could lead to code execution (CVE-2012-0756).
• This update resolves a universal cross-site scripting vulnerability that could be used to take actions on a user’s behalf on any website or webmail provider, if the user visits a malicious website (CVE-2012-0767).