"Critical" Adobe Flash Player exploit revealed by weekend leak

Flash F

The good people at Ars Technica bring us word of a major security flaw in the Adobe Flash player that, unless you've updated today, you are almost certainly vulnerable to. The flaw came to light following a weekend hack on the digital security company Hacking Team (ironic, I know), which resulted in a whopping 400GB of data being dumped onto the net.

Details about the exploit, described in Hacking Team documentation as "the most beautiful Flash bug for the last four years," were posted yesterday, as was a confirmation from Symantec that said it "could allow attackers to remotely execute code on a targeted computer." And because knowledge of the exploit is now public, it also predicted that "groups of hackers will rush to incorporate it into exploit kits before a patch is published by Adobe."

Adobe said in a security bulletin that the exploit affects all Flash Player versions up to and including 18.0.0.194, and is "critical," meaning it could "allow malicious native-code to execute, potentially without a user being aware." The bottom line is that, unless you updated Flash today, you'll want to get on it as soon as possible. You can check your Flash version here, or you can just skip all that and grab the latest and greatest at Adobe.com. (And don't forget to uncheck that "optional offer" in the middle, unless you actually want it.)

Andy Chalk

Andy has been gaming on PCs from the very beginning, starting as a youngster with text adventures and primitive action games on a cassette-based TRS80. From there he graduated to the glory days of Sierra Online adventures and Microprose sims, ran a local BBS, learned how to build PCs, and developed a longstanding love of RPGs, immersive sims, and shooters. He began writing videogame news in 2007 for The Escapist and somehow managed to avoid getting fired until 2014, when he joined the storied ranks of PC Gamer. He covers all aspects of the industry, from new game announcements and patch notes to legal disputes, Twitch beefs, esports, and Henry Cavill. Lots of Henry Cavill.