Adobe Flash Security Hole Uncovered

San Jose based software developer, Adobe, issued a Security Advisory for the latest versions of Flash on Monday. The company issued a warning of a vulnerability that has resulted in "targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment," according to an announcement on its security blog. The warning also mentioned reports that the "vulnerability is being exploited in the wild," meaning hackers are exploiting the security gap already.

Adobe said that the Adobe Flash vulnerability affects pretty much all major operating systems that the Flash player runs on, including "Windows, Macintosh, Linux and Solaris operating systems" as well as the Android smartphone operating system. 

Certain versions of Acrobat 9 and Acrobat X versions are mentioned as vulnerable also. The company said it was preparing a fix that would be resolved through an update, and it would be available "during the week of March 21, 2011."

A Future without Flash

Adobe appears to be preparing for a probable future without Flash. The company announced today that it would be using Medialets as its mobile ad platform on its own creative products, such as InDesign and mobile app development using Adobe products. Medialets's ad server allows ads to be played on Apple's mobile devices running iOS as well as Flash on Android and other platforms.

Last week, VP of products for Mozilla, the company that makes the popular Firefox browser, Jay Sullivan said that HTML5 would eventually replace Adobe Flash. Ryan Gavin, senior director of Internet Explorer development team, said in an interview with FastCompany that HTML5 was "going to unlock and move forward a new set of web experiences."

Meanwhile, a Google Chrome update in early March put Adobe Flash in a sandbox for security, but some users have begun to experience problems. The U.K. based PCPro magazine reported that "when Chrome has multiple instances of Flash running, the plugin crashes."