Adobe has warned of multiple critical vulnerabilities in its Flash media player that could allow remote attackers to take over users’ machines.
The company has not specified the number of vulnerabilities but has urged users to immediately update their Flash systems to version 22.214.171.124 to close the holes.
In response, Microsoft has also warned users of its Windows XP operating system, and older Windows 98 and Windows Millennium systems, to upgrade to the latest Flash offering, as these platforms were bundled with a flawed version of Flash which is affected by the reported vulnerabilities.
To take over a user’s machine using the Flash flaw, it is believed a remote attacker would have to create a malformed .swf Flash content file on a website and trick a user into opening it.
Adobe said in its advisory, “These vulnerabilities could be accessed through content delivered from a remote location via the user’s web browser, e-mail client or other applications.”
The flaw is being classed as critical by security research companies as no other user interaction is required, apart from opening the online malicious file, for a PC to become compromised.
Adobe acquired the Flash multimedia web content technology when it completed the acquisition of Macromedia at the beginning of the year.