Adobe rushes out emergency update for 'critical' Flash security flaw

With the vulnerability already being exploited by hackers, Adobe recommends all Flash users install the security patch as soon as possible.

Katie Collins Senior European Correspondent
Katie a UK-based news reporter and features writer. Officially, she is CNET's European correspondent, covering tech policy and Big Tech in the EU and UK. Unofficially, she serves as CNET's Taylor Swift correspondent. You can also find her writing about tech for good, ethics and human rights, the climate crisis, robots, travel and digital culture. She was once described a "living synth" by London's Evening Standard for having a microchip injected into her hand.
Katie Collins
2 min read
Adobe Flash Player update pop-up

Adobe's Flash Player is holey like a Swiss cheese right now.

Adobe Systems

Adobe's much-beleaguered Flash media player is having another bad day.

An emergency update was released by Adobe Systems on Thursday after 23 loopholes in the software were discovered. The company issued a security advisory explaining that there have been a "limited number of targeted attacks" as one of the loopholes became actively exploited.

Adobe is urging people to install the latest update as quickly as possible, no matter whether they're running Windows, Mac or Linux software.

Not sure whether you have Flash installed or have automatic updates switched on? Adobe has a simple tool that lets you check.

The critical rating assigned to this particular vulnerability means that if it is exploited by hackers, malicious code could be executed and your computer taken over, potentially without you being aware of it. This could be used to spy on you or to steal your data. All it would take for your computer to be affected is for you to be ambushed by a rogue Flash-powered Web page or ad.

The vulnerability is just the latest in a series of major security flaws that Adobe has been forced to acknowledge. Flash was once the darling of the Internet, used for running games, powering graphics and streaming media inside Web browsers. But its heyday is well and truly over, with many tech companies fed up with its many security vulnerabilities and the toll it takes on smartphone batteries.

High-profile critics of Flash have ranged from Apple CEO Steve Jobs to Facebook's security chief, Alex Stamos. Last year Google announced that Flash ads would no longer run by default in its popular Chrome Web browser, and it is also blocked by default in Firefox. Citing the many problems with the software, some tech execs and security researchers have recommended disabling or uninstalling it completely.

Adobe has credited researchers from Google, Alibaba, Microsoft, Kaspersky and other organizations for helping it to catch the bug.