sidney
July 31st, 2009, 07:24 AM
This time the vulnerability is in Adobe Flash Player, Shockwave, and Adobe Reader, that latter because PDF files can now have embedded Flash and the bug is in the Flash player.
It is, once again, a serious vulnerability that has been seen in the wild with the potential of Flash based malware taking over your machine if you visit a site that has a malware flash content on it and you run the Flash content.
This is a cross-platform vulnerability, existing in the Windows, MacOS, Linux and Solaris versions of the Adobe products.
Adobe has just released updates for Flash Player and Shockwave. The update for Adobe Reader is supposed to be released within a day.
Get a new Flash Reader at http://get.adobe.com/flashplayer/
Get a new Shockwave (if you have an old one installed) at http://get.adobe.com/shockwave/
And to make it even scarier, what I said at the top is not strictly correct. The new version of Flash Reader does not fix a vulnerbility. According to the Adobe security announcement at http://www.adobe.com/support/security/bulletins/apsb09-10.html it fixes twelve newly discovered critical vulnerabilities!
The vulnerability in Shockwave is only on Windows and only in IE.
When the new Adobe Reader version is released the announcement at http://www.adobe.com/support/security/bulletins/apsb09-10.html will be updated to link to its download page.
It is, once again, a serious vulnerability that has been seen in the wild with the potential of Flash based malware taking over your machine if you visit a site that has a malware flash content on it and you run the Flash content.
This is a cross-platform vulnerability, existing in the Windows, MacOS, Linux and Solaris versions of the Adobe products.
Adobe has just released updates for Flash Player and Shockwave. The update for Adobe Reader is supposed to be released within a day.
Get a new Flash Reader at http://get.adobe.com/flashplayer/
Get a new Shockwave (if you have an old one installed) at http://get.adobe.com/shockwave/
And to make it even scarier, what I said at the top is not strictly correct. The new version of Flash Reader does not fix a vulnerbility. According to the Adobe security announcement at http://www.adobe.com/support/security/bulletins/apsb09-10.html it fixes twelve newly discovered critical vulnerabilities!
The vulnerability in Shockwave is only on Windows and only in IE.
When the new Adobe Reader version is released the announcement at http://www.adobe.com/support/security/bulletins/apsb09-10.html will be updated to link to its download page.