Users of the Microsoft's Internet Explorer are being urged to upgrade to the latest version of Macromedia's Flash player to patch a severe security flaw, which could allow an attacker to run the code of their choice on vulnerable systems to take control over a victim's computer.
Any IE user with un-patched version of the Flash software would be open to the vulnerability if they were to visit a malicious Web page or were to receive malformed e-mail.
The flaw that is actually a "buffer-overflow" exploit is believed to be the first of a kind to affect Flash. The exploit affects the "Flash.ocx" ActiveX component of the Flash player version 6 revision 23, and may affect earlier versions as well.
In a buffer overflow, an intruder floods a victim with so much data that the overflow is able to do things on the computer without the user's permission.
Macromedia's spokesman said that the company had discovered the hole on its own and moved quickly to get a fix out.
Users can download the fixed version of Flash player from here.
IE users urged to patch Macromedia Flash flaw
