Macromedia reports critical hole in Flash player

Macromedia has warned of a "critical" security flaw in the latest version of its Flash animation player, and has advised users to...

Macromedia has warned of a "critical" security flaw in the latest version of its Flash animation player, and has advised users to install a new version that it released on the Web to fix the problem.

The security flaw affects version 6 of the Macromedia Flash Player, which was released a year ago and has been installed on an estimated 75% of personal computers worldwide.

 The vulnerability affects the integrity of the player's "sandbox", which is supposed to act as a cordoned-off area where Flash code retrieved from the web can be run safely without access to a user's files.

Macromedia's website warned the flaw could allow a malicious hacker to run native code on a user's computer, outside the sandbox, possibly without the user's knowledge.

No users had reported having being affected by the problem as of Monday evening, a Macromedia representative said. Nevertheless, the company advised users to download a new version of the player - version - from its website immediately.

As well as fixing the latest vulnerability, the new version serves as a cumulative patch, fixing other security flaws reported since the product's release, including memory buffer overflows. It also offers other tweaks intended to boost performance of the product.

Macromedia offered few other details, saying only that a third party had reported the vulnerability  "recently".

The bulletin, with a link to the download site, is at

Macromedia has issued more than 15 security patches, bulletins and notifications over the past year, its website said. The company has implemented a ranking system similar to that used by Microsoft and other software suppliers, designating vulnerabilities as critical, important, moderate and low.



Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.




  • Passive Python Network Mapping

    In this excerpt from chapter two of Passive Python Network Mapping, author Chet Hosmer discusses securing your devices against ...

  • Protecting Patient Information

    In this excerpt from chapter two of Protecting Patient Information, author Paul Cerrato discusses the consequences of data ...

  • Mobile Security and Privacy

    In this excerpt from chapter 11 of Mobile Security and Privacy, authors Raymond Choo and Man Ho Au discuss privacy and anonymity ...