Beware! Adobe has confirmed vulnerabilities exploitable via leaked proof-of-concept (PoC) code, detected in its Flash Player. Flagging it as a critical security issue, Adobe calls on all Windows, Linux and Mac users to temporarily stop using the program, who have Flash Player add-ons installed in their Internet browsers. In its security bulletin Adobe has published a post where it is said that vulnerabilities are so serious that if attacker exploits them, he could harm and take control over the affected computer to a great extent.

Flash Player is vulnerable

These vulnerabilities (CVE-2015-5122, CVE-2015-5123) are found in and other older versions of Flash Player.

The issue was first discovered by Trend Micro and FireEye and reportedly these security software companies are working with Adobe to fix it.

Symantec, the leading and reputed Antivirus company released a post stating that (CVE-2015-5122) vulnerability is supposedly belongs to the hacking team of an Italian company that is said to have suffered major data breach. Over 400GB of sensitive data comprising highly sensitive source code, documents etc. was leaked and posted publicly on internet that increased the risk of misusing this data by hackers.

Which version of Adobe Flash player is affected

  • Adobe Flash Player and earlier versions for Windows and Macintosh
  • Adobe Flash Player and earlier versions for Linux installed with Google Chrome
  • Adobe Flash Player Extended Support Release version and earlier 13.x versions for Windows and Macintosh
  • Adobe Flash Player Extended Support Release version and earlier 11.x versions for Linux

Symantec advised to disable the flash player across all internet browsers until the patch is released.

How to disable Adobe Flash Player for different browsers

Google Chrome

  • Open your browser and in the address bar type chrome:plugins
  • Here you will be able to see the list of all Chrome plugins with associated options
  • Simply locate Flash Player and disable it

Internet Explorer

  • Open Internet Explorer and then go to “Tools > Manage add-ons”
  • Under show select “all add-ons”
  • Here disable the Shockwave Flash Object

Mozilla FireFox

  • Open FireFox browser and then in browser menu go to “add-ons > Plugins”
  • And disable Shockwave Flash Object

Doing the same, you can enable Flash Player, having the vulnerability fixed.