Microsoft today confirmed that the version of Flash bundled with Windows XP contains multiple bugs, and urged customers to upgrade to a newer edition of the multimedia player plug-in.

In a security advisory issued alongside a one-patch update for the month, Microsoft acknowledged that Flash Player 6 contains numerous vulnerabilities. Flash Player 6 is the version of Adobe's software that Microsoft includes in Windows XP, even in the copies it continues to sell to computer makers, who offer the eight-year-old operating system on netbooks, notebooks and some desktop PCs.

Adobe discontinued security support for Flash Player 6 in 2006.

"The Adobe Flash Player 6 was provided with Windows XP and contains multiple vulnerabilities that could allow remote code execution if a user views a specially crafted Web page," Microsoft said in its advisory. "Adobe has addressed these vulnerabilities in newer versions of Adobe Flash Player. Microsoft recommends that users of Windows XP with Adobe Flash Player 6 installed update to the most current version of Flash Player available from Adobe."

Only Windows XP is affected by Microsoft's old Flash Player gaffe. Newer versions of Windows include newer editions of Flash Player.

Full story: Computerworld