The update (v126.96.36.199) is critical for Windows, Mac, Android, iOS and ChromeOS. Adobe says the upgrade patches 23 holes in the software. However, one of the holes is found to already being used in limited, targeted attacks.
One of the known exploits allows a hacker to take over your machine and steal valuable data or used to spy on you.
Adobe urges users to download and apply the patch as soon as possible.
Vulnerabilities with the Flash player were uncovered by security experts at Google, Microsoft, Kapersky Labs and Alibaba.
While modern browsers are sandboxed to minimize crashes and vulnerabilities, getting rid of Flash may be the most foolproof solution. Many security experts recommend that you uninstall Flash from your system completely. If that’s not possible, at least stop the plugin from running automatically in your browser.
Last year, Facebook called for Adobe to choose an “end-of-life date” for the software. Meanwhile, Google says it will discontinue Flash-based ads.
I’ve long uninstalled Flash on my Mac, and it’s disabled on my Windows 10 PC at home.
I think it’s really time for Flash to call it day. And the Java plugin too.