Flaw in Adobe Flash Player and Adobe Reader
Adobe has reported a serious vulnerability in its Flash Player and Adobe Reader and Acrobat products. It says this defect could let attackers take control of people's computers.
The short-coming is actually being exploited and an official patch is not yet available.
Affected software includes:
Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris
Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh, and UNIX
#-Link-Snipped-#Adobe also said that Flash Player 10.1 Release Candidate does not seem to be vulnerable and that Adobe Reader and Acrobat 8.x are confirmed as not to be vulnerable.
Adobe has not announced about when the official fix would be released, but according to the company, computer users can moderate the Flash issue by downloading the Release Candidate available at
#-Link-Snipped-#
The Acrobat and Reader issue can be addressed by deleting, renaming, or removing access to the authplay.dll file, which ships with those products. The .dll file is typically located at :
C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader
However, this may cause a non exploitable crash or error message if a user opens a PDF file that contains SWF content.
The complete security advisory is available #-Link-Snipped-#.
The short-coming is actually being exploited and an official patch is not yet available.
Affected software includes:
Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris
Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh, and UNIX
#-Link-Snipped-#Adobe also said that Flash Player 10.1 Release Candidate does not seem to be vulnerable and that Adobe Reader and Acrobat 8.x are confirmed as not to be vulnerable.
Adobe has not announced about when the official fix would be released, but according to the company, computer users can moderate the Flash issue by downloading the Release Candidate available at
#-Link-Snipped-#
The Acrobat and Reader issue can be addressed by deleting, renaming, or removing access to the authplay.dll file, which ships with those products. The .dll file is typically located at :
C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader
However, this may cause a non exploitable crash or error message if a user opens a PDF file that contains SWF content.
The complete security advisory is available #-Link-Snipped-#.
0