Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: New 0-day vulnerability in Adobe´s Flash Player, Reader & Acrobat

05 Jun 2010   #1

W7-Enterprise + WS-2008 (Converted to Workstation)
New 0-day vulnerability in Adobe´s Flash Player, Reader & Acrobat

hi !

i got a flash-message from SITIC, (the Swedish IT-Incident Center), there is a new 0-day vulnerability in Adobe´s Flash Player, Reader & Acrobat !

info from Adobe:
"Security Advisory for Flash Player, Adobe Reader and Acrobat

Release date: June 4, 2010
Vulnerability identifier: APSA10-01
CVE number: CVE-2010-1297
Platform: All

A critical vulnerability exists in Adobe Flash Player and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. This advisory will be updated once a schedule has been determined for releasing a fix."

Adobe - Security Advisories: Security Advisory for Flash Player, Adobe Reader and Acrobat
Adobe Flash Player, Acrobat Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability
Security Advisory for Flash Player, Adobe Reader and Acrobat - Adobe Product Security Incident Response Team (PSIRT)

yet another reason not to use Adobe PDF-reader...

there are several other FREE PDF-readers available: - Get a Free Software PDF reader!

fx. Sumatra is working very well, i´ve used it for several weeks now.

My System SpecsSystem Spec
06 Jun 2010   #2

Windows 7 & Windows Vista Ultimate

In this case, the problem is Adobe Flash more than Adobe/Acrobat Reader. Although the vulnerability can also be vectored through malicious PDF files to invoke FLASH, merely replacing Adobe Reader with another PDF reader is not the solution because malicious Flash files are not limited to PDF format. My recommendations: Adobe Flash/Reader Vulnerability Mitigation Options.
My System SpecsSystem Spec

 New 0-day vulnerability in Adobe´s Flash Player, Reader & Acrobat

Thread Tools

Similar help and support threads
Thread Forum
Help with Adobe Acrobat Reader magnification
Hello, I'm a little perplexed with AAR10 with regards to magnification...? I have purchased some eBooks from Waterstones, a lot cheaper than an actual book... okay, whenever I open the PDF files they are magnified at such an inane percentage I have to decrease it to 100%. Is there a way in which...
Adobe Acrobat Reader Upgrade
I checked my email a few minutes ago and found this in my Spam folder. I wanted show this to say that I hope people don't just click links just because the source appears to be from a legitimate source. Notice the mis-spelling for the email link (adobesysteRms) and as far as I know, companies...
System Security
Critical vulnerability found in Adobe Flash Player
Adobe Reader and Acrobat Update 9.1
source: Adobe

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 16:46.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App