Adobe has announced that a flaw in its Flash Player on multiple platforms, including Android, could let hackers take over devices, highlighting ongoing smartphone security concerns.
The vulnerability affects certain versions of Flash Player for Windows, Mac OS X and Linux, as well as Google’s mobile OS, Android.
“This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system,” said Adobe in a security alert.
Adobe said it expects to release a patch for the problem next week. Until then, users are exposed to at least one exploit circulating in the wild, which Adobe describes as a Microsoft Excel document containing Flash code the attacks the vulnerability.
The fact that the same vulnerability has been found on the two most common computing platforms and a leading mobile OS underscores how smartphone users must begin to approach security on their mobile devices in the same way they’re used to doing with desktops and laptops: by installing antivirus software and avoiding suspicious attachments and shady web sites.
Apple’s iPhone, which famously doesn’t support Flash, is immune to the exploit.
Mobile malware infections increased 33 percent from 2009 to 2010, according to security firm AdaptiveMobile. As smartphone usage increases and mobile payment technologies roll out, malware authors will see mobile platforms as ever more tempting targets.
Flash Player is widely used on web sites for playing video and displaying advertisements and moving graphics. The software is heavily targeted by hackers because of its widespread use across multiple platforms. Reports of successful exploits are common.