Adobe has shipped a patch for a critical vulnerability affecting Flash Player on Windows, macOS, Linux and Chrome OS.
The vulnerability, known as a type confusion bug, enables remote code execution, and could allow hackers to install malware on the computers of users who have visited web pages hosting malicious Flash files.
Sign up to Emerging Threats, our weekly cyber security newsletter
In a security bulletin published on Tuesday (20 November), Adobe urged users running Flash 220.127.116.11 to update to 18.104.22.168. Users can verify which version they are running by visiting the company’s “About Flash Player” web page.
Last year, Adobe announced it would shut down the Flash Player plug-in by the end of 2020. The software has been widely superceded in recent years by HTML5, which lets users watch videos without installing a dedicated plugin.
Adobe did not instantly respond to a request for comment.