(LiveHacking.Com) – Adobe will release an out of cycle update to Flash to address critical security issues. The update will also fix a universal cross-site scripting issue that is reportedly being exploited in the wild.
Although not all the details are available yet, it is likely (since this is an out of cycle release) that this vulnerability, if exploited, would allow malicious native-code to execute, potentially without a user being aware.
Google is one step ahead of Adobe and has released a new version of its Chrome web browser, which has a built-in version of Flash, to address what it calls “a zero-day vulnerability” in Flash Player:
The Beta and Stable channels have been updated to 14.0.835.186 for Windows, Mac, Linux, and Chrome Frame. This release includes an update to Flash Player that addresses a zero-day vulnerability.