How many times a month should you patch a piece of software? Well, if you are talking about Adobe Flash then the answer is 3 times and the month isn’t even over yet!
If you have a Windows PC or Mac then you are being advised to patch ASAP.
“Adobe is aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick the user into clicking a link which directs to a website serving malicious Flash (SWF) content. The exploit for CVE-2013-0643 and CVE-2013-0648 is designed to target the Firefox browser.”
Adobe have assigned a priority rating of 1 to Flash running on Windows or Mac OS X meaning, “vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild.” There is also a rating of 3 for Linux users which is obviously not so severe, meaning, “vulnerabilities in a product that has historically not been a target for attackers.”
This latest patch is the third for the month of February. Back on the 7th Adobe fixed two vulnerabilities and then there was the scheduled patch release on the 12th. And on the 20th of the month the company also had to patch their Adobe Reader application as well.
Personally I’m wondering how much time is left for Flash as well as Java (two more vulnerabilities were discovered yesterday) as they seem to be targeted way too often nowadays.