Adobe pushes critical Flash update for Windows, Mac

The company patches a vulnerability that could let hackers "take control" of people's computers after they visit sites like eBay, Tumblr, and Twitter.

Dara Kerr Former senior reporter

Dara Kerr was a senior reporter for CNET covering the on-demand economy and tech culture. She grew up in Colorado, went to school in New York City and can never remember how to pronounce gif.

See full bio

Dara Kerr

July 8, 2014 7:59 p.m. PT

Adobe Flash Player update pop-up — Adobe Systems

Adobe issued a critical update for Flash Player on Tuesday that aims to patch a security flaw that could let hackers prey on users of popular sites like eBay, Tumblr, Twitter, and Instagram.

The update, which brings Flash to version 14.0.0.145, is geared for users on Windows, Macintosh, and Linux operating systems. According to security blogger Michele Spagnuolo, the flaw this patch addresses lets hackers steal cookies that authenticate users on thousands of websites.

"These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system," Adobe wrote in its bulletin.

Many of the affected websites, like Tumblr and Twitter, have worked to fix the error on their end, according to Spagnuolo. Adobe's update also mends the problem. So far, the vulnerability hasn't been seen in the wild but that doesn't mean hackers haven't been working to exploit it.

Adobe assigned the highest threat level rating to the flaw and advised users of Windows, Macintosh, Linux, and Adobe AIR products to install the update. People using Google Chrome and Microsoft Internet Explorer on Windows 8 will get automatic updates for the Flash Player. Those users that want to do a manual update can go to the Adobe Flash Player Download Center.

Microsoft also issued several critical security updates on Tuesday, which patch 29 vulnerabilities in Windows and Internet Explorer.