Adobe warns of Flash Player flaw ahead of Shockwave Player fix

News

Adobe warns of Flash Player flaw ahead of Shockwave Player fix

Warwick Ashford

Adobe Systems has warned of a critical vulnerability in its Flash Player.

The vulnerability (CVE-2010-3654) could cause a crash and potentially allow an attacker to take control of the affected system, the company said in a security advisory.

Adobe said there were reports that this vulnerability is being actively exploited in the wild against Adobe Reader and Acrobat 9.x, but the company was not currently aware of attacks targeting Adobe Flash Player.

The vulnerability affects version 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, version 10.1.95.2 and earlier versions for Android, and version 9.4 and earlier 9.x versions for Windows and Macintosh operating systems.

Adobe plans to provide a security update for Flash Player 10.x for Windows, Macintosh, Linux, and Android by 9 November.

Updates for Adobe Reader and Acrobat 9.4 and earlier 9.x versions are planned for the week starting 15 November.

The warning comes just ahead of the planned release laster today of a fix for a critical vulnerability (CVE-2010-3653) in Adobe Shockwave Player 11.5.8.612 and earlier versions on the Windows and Macintosh operating systems.

This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system.

"As of 27 October, Adobe is aware of reports of this vulnerability being exploited in the wild," the company said in a security advisory.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy