Adobe has announced that it has discovered a 'critical' flaw in its Flash Player for Android that could potentially help hackers seize control of smartphones.
According to the software maker, Android devices running Flash Player 10.1.106.16 are chief among those affected by the security hole dubbed CVE-2011-0609, which is said to leave devices vulnerable to unauthorised access by hackers looking to steal sensitive data without the user’s knowledge.
Adobe posted in its official blog: “There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment."
It added: “We are in the process of finalizing a fix for the issue and expect to make available an update for Flash Player 10.x and earlier versions for Windows, Macintosh, Linux, Solaris and Android.”
Although the bug also affects the Adobe Reader application on some desktop platforms, Adobe says Android version is safe to use as normal.
Adobe failed mention what users should do in the meantime to avoid falling prey to hacking attempts, but your best bet is to uninstall Flash from the device or not open any email attachments with Flash or Excel extensions until Adobe releases a fix to the problem.
Was this article helpful?