Recently, Adobe released security update for Flash Media Server and Flash Player. The first update resolves critical vulnerabilities, which affect Flash Media Server (FMS) 4.0.1 and prior versions, and FMS 3.5.5 and prior versions for Windows and Linux. The vendor has recommended users to install FMS 4.0.2 and FMS 3.5.6 to prevent exploitation of critical vulnerabilities. The latest update mitigates memory corruption and data corruption issues. The memory corruption issue could allow attackers to execute arbitrary code, whereas data corruption issue could cause denial of service vulnerability.

The second update resolves critical vulnerabilities in Adobe Flash Player, which affect 10.2.159.1 and prior versions for Windows, Macintosh, Linux and Solaris users, Flash Player 10.2.154.28 and prior for Chrome users, and 10.2.157.51 for Linux users. Windows, Macintosh, Linux and Solaris users must upgrade to 10.3.181.14, Chrome users to version 11.0.696.68 of Chrome and Android users to 10.3.185.21. The latest Flash Player mitigates design flow, integer overflow issue, several memory corruption and bounds checking vulnerabilities. The flaws may crash the application and allow attackers to gain control of the compromised computers. The vendor has alerted users of attempts by attackers to exploit the vulnerabilities through malicious .swf file embedded in Microsoft Word and Microsoft Excel. The malicious documents are sent as attachments with cleverly crafted e-mails. Unscrupulous users, who fall prey to the enticing e-mails and open attachments, inadvertently install malware in their computers. The malware could be used to extract, delete or modify information stored in computers. Attackers may use the stolen information to launch phishing attacks, dispatch spam e-mails and extract more sensitive information from Internet users.

Adobe products are popular targets of cybercriminals as they are widely used by Internet users. Attackers may also target employees to compromise an organization’s computers and gain access to privileged business information. Hiring professionals qualified in IT degree programs may aid organizations in timely identification and application of necessary security updates to software applications.Online IT courses may help IT professionals to update themselves on latest developments in the field of IT security.

Employees must be trained on safe computing practices through e-learning programs, and encouraged to undertake online IT degree programs to create IT security conscious culture in organizations. Internet users must avoid opening attachments from strangers and unknown sources. Installing latest updates to software applications, and anti-malware solutions may help users in safeguarding their computers from malicious attacks.