|15 Mar 2011||#1|
| || |
Critical Flash flaw won't be fixed until next week
Adobe Systems has discovered a "critical vulnerability" in its Flash Player that might cause all kinds of trouble for users.
The company said yesterday that the flaw could cause a user's computer or mobile device to crash--and, more concerning, that the vulnerability could "potentially allow an attacker to take control of the affected system." So far, the company has discovered that the vulnerability is being exploited in Flash files, as well as through Microsoft Excel. Adobe said that the issue hasn't affected Reader or Acrobat.
The flaw affects Adobe Flash Player 10.2.152.33 and earlier versions of the platform running on every major operating system, including Windows, Macintosh, Linux, and Solaris. It's also an issue on Android devices running Flash 10.1 and earlier.
Adobe plans to release a fix for the vulnerability sometime next week. Until then, the company warned users to "follow security best practices by keeping their anti-malware software and definitions up to date."
Critical Flash flaw won't be fixed until next week | The Digital Home - CNET News
|My System Specs|
|17 Mar 2011||#4|
| || |
And it gets better
Adobe has published a security advisory in response to a critical flaw found in Flash Player. The vulnerability affects Flash Player for Windows, Mac OS X, Linux, Solaris, and Android, and also impacts the authplay.dll component included in Adobe Acrobat and Adobe Reader X.
Adobe is working on a fix for the vulnerability. An update for Flash Player, Acrobat, and some versions of Reader is expected to be available sometime next week. However, because the sandbox protection in the Windows version of Adobe Reader X would protect against this flaw being exploited, Adobe does not plan to update that software until the next regular quarterly update scheduled for June 14.
Adobe Flash Hit with Zero-Day Exploit - PCWorld Business Center
|My System Specs|
|Similar help and support threads for2: Critical Flash flaw won't be fixed until next week|
|Patch Tuesday: Microsoft to fix one critical Internet Explorer flaw||News|
|Researcher warns about critical flaw in D-Link routers||Security News|
|Critical flaw hits latest VLC media player software||Security News|
|Oracle confirms existence of another critical Java flaw||Security News|
|WD Caviar Green HDDs Suffer from a Critical Design Flaw||News|
|Researcher: 40 Windows Apps Affected by Critical Flaw||News|
|Critical bug fixed in Thunderbird||Browsers & Mail|