Critical Adobe Security Alert For Flash & Acrobat Issued
Adobe has issued a critical security vulnerability alert for their Flash and Acrobat applications for both MAC and Wondows operating systems.
The alert applies to versions of Flash 10.0 and earlier, as well as all versions of Acrobat 9, which have been described as susceptible to being exploited for remote control over a user’s computer. Flash 10.1’s pre-release build and older versions of Acrobat aren’t affected.
The hole doesn’t yet have a fix and has already been used to attack computers in real conditions. Acrobat owners with Windows systems can delete, rename or block access to authplay.dll as a workaround, but the move prevents opening PDF files with embedded Flash. No schedule was given for when a patch would arrive for either Flash or Acrobat.
An exploit on this level comes ill-timed for Adobe as it has just recently tried to promote Flash as a secure environment in its bid to persuade Apple and users that the plugin is necessary on mobile devices. Flash 10.1 for Android 2.2 isn’t known to have the problem but isn’t yet in a finished state.