A recent security bulletin from CERT refers to an Adobe Flash security vulnerability which can cause memory corruption and allow attackers to execute arbitrary code on the victim’s system. The bulletin details this Adobe Flash security issue, which convinces victims to open a specially created HTML or any other document (such as a PDF file or Microsoft Office document) that supports embedded SWF content. Following this action, the attacker can execute malicious code on the compromised system.
This vulnerability affects Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, and Solaris, Flash Player for Android (version 10.1.92.10), as well as Adobe Reader and Adobe Acrobat 9.3.4 and earlier. The issue can be overcome by changing Adobe Flash security settings using a step by step process, as explained in the CERT bulletin. Adobe has also issued security advisories giving in-depth information on the Flash security issue, along with corrective measures.