Most computers users have Adobe Flash installed on their computers. That's why it's so important that you install a patch that blocks a leak that could lead computer hackers straight to your personal information.
You might have already seen an invitation to update that Adobe pushed out earlier this week. That's because Michele Spagnuolo took some time off of his job as a Google security engineer to write RosettaFlash, a ready-to-be-weaponized program that could potentially be used to access your sensitive information.
RosettaFlash exploits the way that Flash Player interprets code. The program allows plenty of room for invalid commands that can actually be used to redirect your personal information from its intended destination to a database owned by the hacker.
The best way to protect information is to think like a hacker, and RosettaFlash is basically pointing a gun to the head of every major website that hasn't patched the hole that the program exploits. Spagnuolo is a good-faith hacker, however, and he took precautions before releasing his code.
Because of the sensitivity of this vulnerability, I first disclosed it internally in Google, and then privately to Adobe PSIRT. A few days before releasing the code and publishing this blog post, I also notified Twitter, eBay, Tumblr and Instagram.
These major websites have the information they need to fix the vulnerability, but all you have to do to make sure that you don't get hacked is update your Flash player. Easy enough!