Release date: February 15, 2012 Vulnerability identifier: APSB12-03
This update addresses critical vulnerabilities in Adobe Flash Player 11.1.102.55 and earlier versions. <snip> These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update also resolves a universal cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability (CVE-2012-0767) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message (Internet Explorer on Windows only).
