“Attackers are targeting a patched bug in Adobe Flash Player spread via malicious Microsoft Word documents.
The attacks are focused on CVE-2012-1535, a remote code execution vulnerability that impacts Windows, Macs and Linux systems. Adobe Systems patched the flaw Aug. 14 in a regular security update.
However, attackers are still on the lookout for unpatched computers. If exploited, the bug can be used to enable an attacker to take control of the compromised machine. According to Symantec, attackers have been targeting the flaw for the past couple of weeks using malicious Word documents.
The Word files came in emails with a variety of subjects, including some about the iPhone 5, seemingly business-related titles such as “IT Notice” and an email about the effect of the Olympic games on London’s economy… “
Source: Security – News & Reviews – eWeek.com
Adobe Flash Player Bug Spreading Via Word Documents in Emails