Zero-day vulnerability in Adobe Flash Player, Reader and Acrobat

    Date06 Jun 2010
    4811
    Posted ByAnthony Pell
    According to a security advisory from Adobe, there is a critical vulnerability in Flash Player 10.0.45.2 (and earlier versions) and in the authplay.dll component that ships with Adobe Reader and Acrobat 9.0; Windows, Mac OS X, Unix and Linux versions are all vulnerable. Attackers can exploit the hole to crash the software or gain control of the system and there are already reports of exploitation in the wild for all three products. The Flash Player 10.1 release candidate is apparently not vulnerable and Adobe offer the option of installing this as a mitigation step. For Reader and Acrobat 9.x, Adobe recommend deleting, renaming or removing access to the authplay.dll file to mitigate the threat. On Windows, this file is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat. Adobe say that Reader and Acrobat 8.x are not vulnerable.

    Comments powered by CComment

    LinuxSecurity Poll

    Which Linux distribution(s) do you use?

    Message!

    Poll results are hidden from public viewing.

    You are not authorized to vote on this poll.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 5 answer(s).
    /component/communitypolls/?task=poll.vote
    7
    radio
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.