Bugs & Fixes: With exploit roaming in the wild, Adobe updates Flash and Air

You don't want some evildoer to take over your system remotely, and neither does Adobe. Citing this potential vulnerability, Adobe patched its Flash Player to—and version 11 to 11.7.700.269 (Windows and Macintosh), and (Linux). 

This is an update well worth doing. Adobe identifies each specific vulnerabilty by a Common Vulnerabilities and Exposure numbers: For instance, this update addresses CVE-2014-0498, describing a remote execution vulnerability, and CVE-2014-0499, which covers some unsecured code addresses.

But the third one's the kicker: CVE-2014-0502 involves a bizarre situation where the same memory is being freed twice, possibly leading to a buffer overflow. You may wonder what this has to do with anything, but Adobe is "aware of reports that an exploit for CVE-2014-0502 exists in the wild, and recommends users update their product installations."

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon