Adobe warns of Flash Player flaw ahead of Shockwave Player fix

News

Adobe warns of Flash Player flaw ahead of Shockwave Player fix

Warwick Ashford

Adobe Systems has warned of a critical vulnerability in its Flash Player.

The vulnerability (CVE-2010-3654) could cause a crash and potentially allow an attacker to take control of the affected system, the company said in a security advisory.

Adobe said there were reports that this vulnerability is being actively exploited in the wild against Adobe Reader and Acrobat 9.x, but the company was not currently aware of attacks targeting Adobe Flash Player.

The vulnerability affects version 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, version 10.1.95.2 and earlier versions for Android, and version 9.4 and earlier 9.x versions for Windows and Macintosh operating systems.

Adobe plans to provide a security update for Flash Player 10.x for Windows, Macintosh, Linux, and Android by 9 November.

Updates for Adobe Reader and Acrobat 9.4 and earlier 9.x versions are planned for the week starting 15 November.

The warning comes just ahead of the planned release laster today of a fix for a critical vulnerability (CVE-2010-3653) in Adobe Shockwave Player 11.5.8.612 and earlier versions on the Windows and Macintosh operating systems.

This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system.

"As of 27 October, Adobe is aware of reports of this vulnerability being exploited in the wild," the company said in a security advisory.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
 

COMMENTS powered by Disqus  //  Commenting policy