New
#1
many thanks mate for the great info
more..Adobe has posted a security advisory for Adobe Reader, Acrobat and Flash Player. The company states that a critical vulnerability is present in the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) for Windows, Macs and UNIX operating systems and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x on the same operating systems.
many thanks mate for the great info
Adobe really needs to rewrite Flash and Shockwave from the ground-up now...
Especially Flash since you need a dual-core PC to actually view Flash videos without the annoying buffering in YouTube, especially on Windows XP.
On the otherhand, I can view Silverlight content perfectly smooth and clear on the same XP PC...
Sites really need to start adopting silverlight.
how do you make silverlight your default player thing? can you make it your default it firefox?
from what i know they are different formats and so they are not compatible...
as for me yes i hate the fact that the its forced me to run with High performance just to play youtube (with being able to play 720p and 1080p content through DXVA at power saver or balanced...) which i really hate...
and thanks for the update
thats why i love flashblock....
Adobe Product Security Incident Response Team (PSIRT)
Bold added by me.We evaluated the impact of the vulnerable versions of the Microsoft Active Template Library (ATL) / CVE-2009-0901, CVE-2009-2395, CVE-2009-2493 / Microsoft Security Advisory (973882) on the Adobe product portfolio. We determined that Flash Player and Shockwave Player are the two products that leverage vulnerable versions of ATL. A Security Advisory for Flash Player and a Security Bulletin for Shockwave Player have been posted to our security bulletins and advisories page.
PSIRT has determined that the Adobe Reader browser plug-in for Internet Explorer, Connect Pro, Flash Lite for mobile devices, LiveCycle SAP Forms and other products are NOT vulnerable to CVE-2009-0901, CVE-2009-2395, or CVE-2009-2493.
Note that only Internet Explorer plug-ins are vulnerable. Thus, people using Flash Player within the Firefox browser -- as well as all other Windows-based browsers (that aren't Internet Explorer) -- are not vulnerable. Additionally, Flash Player and Shockwave Player on Macintosh, Linux and Solaris operating systems are not vulnerable.
Per the Shockwave Player Security Bulletin, this vulnerability has been patched in the latest version of Shockwave Player, which is now available for download (Adobe - Adobe Shockwave Player). Per the Security Advisory for Flash Player, this vulnerability will be patched in the scheduled July 30, 2009 update of Flash Player.
Users should consider installing MS09-034. As a defense-in-depth measure, this Internet Explorer security update helps mitigate known attack vectors within Internet Explorer for those components and controls, such as Flash Player and Shockwave Player, that have been developed with vulnerable versions of ATL as described in Microsoft Security Advisory (973882) and Microsoft Security Bulletin MS09-035.
We will continue to provide updates on this issue via the Security Advisory section of the Adobe web site, as well as the Adobe PSIRT blog.
This posting is provided "AS IS" with no warranties and confers no rights.
This is reassuring. Lately I've taken to not installing any plug-ins into IE. I use it mainly to only check links for problems.
Just got the latest player.
Adobe - Adobe Flash Player
Slashdot IT Story | 92% of Windows PCs Vulnerable To Zero-Day Attacks On Flash