Adobe issues security bulletin for Flash...again

In the race to the bottom of security, Flash has remained a strong contender, competing with Java to win the competition. It's really nothing against Adobe, the company seems to try fairly hard to keep things safe. It's more that Flash is so popular that it becomes a primary target. Something Microsoft would know a thing or two about, given the success of Windows.

The company has issued its latest security bulletin. It isn't the best of news -- the report seems to encapsulate two vulnerabilities, and both are being exploited in the wild.

"Adobe is aware of reports that an exploit for CVE-2015-0310 exists in the wild, which is being used in attacks against older versions of Flash Player. Additionally, we are investigating reports that a separate exploit for Flash Player 16.0.0.287 and earlier also exists in the wild". The exploit was pointed out by third-party researchers.

The software maker is considering this a priority and recommending that users update to the latest version of Flash. At the moment, no patch has been issued.

Updating Flash can be tricky for the average user. Messages pop up on certain websites telling the person to do so and "helpfully" providing a link. However these are frequently fake. Always navigate to the Flash site to get your update from the real source.

Image Credit: Ribah / Shutterstock