Adobe has released security updates for Adobe Flash Player. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of an affected system.
Adobe is aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick the user into clicking a link that directs to a website serving malicious Flash (SWF) content.
Security updates are available for the following versions of Adobe Flash Player:
- Adobe Flash Player 11.6.602.168 and earlier versions for Windows
- Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh
- Adobe Flash Player 184.108.40.2060 and earlier versions for Linux
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB13-08 and follow best practice security policies to determine if their organization is affected and the appropriate response.