New Adobe Flash Vulnerabilities Being Actively Exploited On Windows and OS X

Orome1 writes "Adobe has pushed out an emergency Flash update that solves two critical vulnerabilities (CVE-2013-0633 and CVE-2013-0634) that are being actively exploited to target Windows and OS X users, and is urging users to implement it as soon as possible. According to a security bulletin released on Thursday, the OS X exploit targets Flash Player in Firefox or Safari via malicious Flash content hosted on websites, while Windows users are targeted with Microsoft Word documents delivered as an email attachments which contain malicious Flash content. Adobe has also announced its intention of adding new protections against malicious Flash content embedded in Microsoft Office documents to its next feature release of Flash Player."

Re:Huh?

[PlusFiveTroll]

>Who in their right mind opens a Word doc from and unknown source

The idiot secretary in the next office over, or the next floor down.

Then the payload mines her email addresses and sends you "Minutes from meeting" or some similar crap. So now instead of having an email from an unknown person you get an email from someone you'd expect to get word documents from. Hopefully you are in a company that has decent A/V on incoming mail, most small businesses don't.

Re:And replace it with what?

There's a reason Flash is the world's most popular online multimedia platform.

Yes. DRM.