[NewsPoster]

A critical vulnerability has been identified in Adobe Flash Player by security researchers at Trend Micro. All versions for Windows, Macintosh and Linux of the problematic plugin, including this week's release, are all affected by the vulnerability. Targets of the attack can have the flaw exploited to induce a system crash and potentially allow an attacker to take control of the affected computer.

Adobe is aware of a report that an exploit for this vulnerability, labeled CVE-2015-7645, is being used in limited, targeted attacks. The company provided few details of the information it has. A fix isn't expected immediately -- Adobe expects to make an update available during the week of October 19.   

The flaw, identified by Trend Micro, is being used in the "Pawn Storm" attacks against embassies and governments. The researchers report that one victim "got its DNS settings for incoming mail compromised." Users are advised to uninstall Flash until the flaw is fixed.

[Mr. Strat]

Enough already! Can we please put the nail in the coffin of this pathetic technology?

[I'mDaMac]

I don't have Flash installed on my iMac. I did install Chrome for those instances when Flash is needed but I find myself using it less as time goes by.

[Makosuke]

No! A zero-day Flash exploit? What is the world coming to?

...the 15th of the month. Because if it's the 15th of the month, Adobe is probably announcing yet another zero-day Flash exploit. Or three. Like clockwork.

How someone could even manage to write software that buggy is beyond me.

[climacs]

the easiest (and most common) IT article in the world to write: "Critical Flash flaw identified"