Adobe fixes critical Flash Player bug affecting Reader

From CNET News.com: Adobe today released a fix for a critical vulnerability in Flash Player that affects Adobe Reader and Acrobat and which reportedly has been exploited in attacks via Flash files embedded in Excel files distributed via e-mail.

The vulnerability, reported last week, could allow an attacker to crash a system or take control of it. Adobe is not aware of attacks targeting Adobe Reader and Acrobat, the company said, also noting that Adobe Reader X Protected Mode, a sandboxing technique, prevents an exploit of this type from executing.

The bug has been identified in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier versions for Chrome users) for Windows, Macintosh, Linux, and Solaris operating systems, and Adobe Flash Player 10.1.106.16 and earlier versions for Android, according to the bulletin.

A separate bulletin fixes a related critical vulnerability in the authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.

Adobe has made Reader 9.4.3 available for users of Adobe Reader 9.4.2 for Windows and Macintosh and recommends users of Adobe Acrobat X (10.0.1) for Windows and Macintosh update to Adobe Acrobat X (10.0.2).

View: Article @ Source Site