Adobe fears exploits of critical vulnerability for Flash Player, Adobe Reader and Acrobat


Adobe fears exploits of critical vulnerability for Flash Player, Adobe Reader and Acrobat

Warwick Ashford

Adobe has announced that there is a critical vulnerability in Adobe Flash Player, Reader and Acrobat for Windows, Mac, Linux and Solaris that could allow attackers to take control of the affected system.

"There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat," Adobe said.

Adobe does not have a fix available, but has suggested some workarounds in a security advisory.

Versions of Adobe Flash affected include, 9.0.262, 10.0.x and 9.0.x, Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions are also affected.

But the Flash Player 10.1 Release Candidate does not appear to be vulnerable, Adobe said.

Adobe has also confirmed that Adobe Reader and Acrobat 8.x are not vulnerable.

The latest information will be posted on the Adobe Product Security Incident Response Team blog, the company said.

According to Brad Arkin, Adobe's director of security and privacy, the firm's security team has improved internal processes and is able to get a fix for extremely urgent zero-day vulnerability out within 15 days, which means a patch could be released around 20 June.

But Arkin said less urgent bug fixes could take up to 90 days, depending when the vulnerability is identified, to fit in with scheduled security updates.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy