Adobe has issued a patch to fix a bug in its Flash Player that was being exploited in targeted attacks using a malicious Flash file or Web page rooted within a Microsoft Excel or Word documents.
Security researcher Mila Parkour, who first reported the Flash flaw to Adobe, said that attacks were initially launched using malicious Word documents, but hackers gradually started using misshapen Excel documents.
The software company acknowledged the bug on Monday and promised to release an emergency update to fix the bug.
Flash Player 10.2.159.1, the new version, has been made available for Windows, Solaris, Linux and Mac.
However, a patch for the same flaw in Google’s Android operating system, which also runs Flash, will take some more time to appear. Adobe said that Android users would receive a patch for the concerned bug by 25th of April.
The PDF viewer Adobe Reader will also be patched by 25th of April. The Flash bug is also present in Reader and the advanced Acrobat as both include code which renders Flash content rooted in PDF files.
The updated version of Flash can be downloaded from Adobe's website.