Critical Adobe Flash security vulnerability affects documents with SWF

Also affects Flash player for Android OS, Adobe Reader and Acrobat. CERT and Adobe issue remedial measures to combat Flash security vulnerability.

A recent security bulletin from CERT refers to an Adobe Flash security vulnerability which can cause memory corruption and allow attackers to execute arbitrary code on the victim’s system. The bulletin details this Adobe Flash security issue, which convinces victims to open a specially created HTML or any other document (such as a PDF file or Microsoft Office document) that supports embedded SWF content. Following this action, the attacker can execute malicious code on the compromised system.

This vulnerability affects Flash Player and earlier versions for Windows, Macintosh, Linux, and Solaris, Flash Player for Android (version, as well as Adobe Reader and Adobe Acrobat 9.3.4 and earlier. The issue can be overcome by changing Adobe Flash security settings using a step by step process, as explained in the CERT bulletin. Adobe has also issued security advisories giving in-depth information on the Flash security issue, along with corrective measures.

Read more on Data breach incident management and recovery