Security flaw in Flash 10.2 threatens Android devices

Adobe has once again posted information regarding a malicious exploit for its widespread Flash software. Unfortunately, among a number of other platforms, the “critical” vulnerability can affect Google's Android mobile OS as well. The threat comes hidden inside of a Microsoft Word file containing embedded Flash content. Adobe reports that hackers are already using the exploit in order to obtain personal data by sending contaminated Word files as email attachments.

According to Adobe's Product Security Incident Response Team (PSIRT), the security “hole” may be exploited by a hacker enabling them to take control over the targeted device and steal personal data. In order for that to happen, it is required that the victim opens the Word file and clicks on the harmful Flash file, embedded inside it. Luckily, a patch from Adobe is on the way, and the vulnerability only affects Android devices running Flash 10.2.154.25 or a version prior to it.

Of course, this isn't the first time Adobe Flash is in the scope of hackers targeting unsuspecting victims. After all, it was less than a month ago when we reported about a quite similar vulnerability. Our advice is to be careful when opening your email attachments, keep your software up to date, and always bear in mind that no mobile platform out there is a hundred percent secure.

source: PSIRT via Android Authority