Adobe and
Microsoft each issued security updates today to fix critical vulnerabilities in their software. Adobe’s fixes include a patch for a
Flash Player flaw that is actively being exploited to break into
Windows computers. Microsoft’s Patch Tuesday release includes nine patch bundles — more than half of them rated critical — addressing at least 27 security holes in Windows and related software.
The most pressing of the updates Adobe released today is the Flash Player patch, which fixes
a critical flaw (CVE-2012-1535) in the ubiquitous media player software. Adobe says there are reports that the vulnerability is being exploited in the wild in limited targeted attacks, distributed through a malicious
Microsoft Word document. The exploit targets the
ActiveX version of Flash Player for
Internet Explorer on Windows.