Adobe just released a Flash update due to active exploitation on both Macs (yes, Macs) and Windows:

Adobe is also aware of reports that CVE-2013-0634 is being exploited in the wild in attacks delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform, as well as attacks designed to trick Windows users into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content.

Instead of patching, do the following:

  1. Uninstall Flash from your computer (WIndows, Mac).
  2. Download Google Chrome.
  3. Profit!

Use Chrome’s internal Flash sandbox, so you can uninstall Flash at the OS level. Not perfect, but much better than using Flash through other browsers and having it available on your system for things like those nasty embedded Word attachments.

Share: