The company said that the update is rated as 'critical' and all users are being advised to update to the latest versions of Flash 10 and Flash 9.
According to Adobe, the update addresses five different CVE vulnerability reports. Effects of a possible exploit range from privilege exploitation to clickjacking and remote code execution.
In addition to Flash Player versions 10.0.12.36 and earlier, the update is being recommended for users running Adobe's AIR 1.5, Flash CS4 and CS3 Professional and Flex 3 products. Linux users will want to update their copies of Flash Player to version 10.0.22.87.
The update is not related to another security alert Adobe issued last week. That warning addressed a flaw in the Adobe Reader component which could allow for remote code execution. The company has not yet issued a patch for that vulnerability, though an third-party developer has come up with a for the flaw.
Adobe posts fix for Flash
By Shaun Nichols on Feb 27, 2009 3:20PM