Adobe readies Flash fix

By

Disabling Flash ActiveX advised.

Adobe plans to rush out a fix for a Flash Player zero-day vulnerability by tomorrow, though users will have to wait until June 29 to receive a patch for the same flaw in Reader and Acrobat.

The bug, which could cause a crash or allow an attacker to take control of an affected system, is present in the latest version of Flash (10.0.45.2) and earlier for Windows, Macintosh, Linux and Solaris operating systems, Adobe said in a security advisory. Adobe did not say when it plans to patch the vulnerability.

The bug also affects the authplay.dll component of Adobe Reader and Acrobat 9 for Windows, Macintosh and UNIX operating systems. The cause of the vulnerability was unspecified.

“There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat,” the company said in its advisory.

The flaw is rated “extremely critical,” rating five out of five with vulnerability tracking firm Secunia.

The Flash Player 10.1 release candidate is confirmed as not vulnerable, as are Reader and Acrobat version 8. To avoid a possible exploit, users can consider disabling the Flash ActiveX control or installing a Flash blocker add-on, experts said. To avoid an attack in Reader or Acrobat, users can run an alternative PDF renderer.

See original article on scmagazineus.com


Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Researchers demo AI-crippling GPUHammer attack

Researchers demo AI-crippling GPUHammer attack

Qantas obtains court order to prevent third-party access to stolen data

Qantas obtains court order to prevent third-party access to stolen data

Google Gemini for Workspace vulnerable to prompt injection attacks

Google Gemini for Workspace vulnerable to prompt injection attacks

Log In

  |  Forgot your password?