Adobe Acknowledges Reader, Acrobat, Flash Player Critical Vulnerability

Article by George Norman (Cybersecurity Editor)

on 23 Jul 2009

Yesterday we announced that a potential vulnerability affecting Adobe Reader 9.1.2, Acrobat Reader 9.1.2, Adobe Flash Player 9, and Adobe Flash Player 10 had been uncovered. At the time Adobe said that it would look into the matter and, pending an investigation, provide an update. That investigation appears to be over: the California-based company, which specializes in multimedia and creativity software products, has provided an update and a Security Advisory, and the vulnerability has been given the “critical” rating.

“A critical vulnerability exists in the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) for Windows, Macintosh and Linux operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2009-1862) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows,” explained Wendy Poland on behalf of the Adobe Product Security Incident Response Team (PSIRT).

Just to put things in perspective, when a vulnerability is rated as “critical” it means that a person with malicious intent could exploit said vulnerability to execute code on the targeted machine. The user may not be aware that malicious native code is being executed on the machine. This critical vulnerability affects the following products: Adobe Reader and Acrobat 9.1.2 and earlier 9.x versions; Adobe Flash Player 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions.

At the time the vulnerability was announced I speculated that since Adobe now mimics Microsoft’s Patch Tuesday program, a fix will be provided on the 11th of August – unless of course the security issue is so serious (read: actively exploited) that a fix needs to be rolled out earlier. It seems that I was right because according to PSIRT, Adobe is working on a fix and will make it available by the end of the month.

And more specifically:
- By July 30th, an update for Flash Player v9 and v10 for Windows, Macintosh, and Linux will be released.
- By July 31st, an update for Adobe Reader and Acrobat v9.1.2 for Windows, Macintosh, and UNIX will be released.

Until a fix is released, Adobe advises you to use this mitigation: “Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat v9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF that contains SWF content. Depending on the product, the authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll. Windows Vista users should consider enabling UAC (User Access Control) to mitigate the impact of a potential exploit. Flash Player users should exercise caution in browsing untrusted websites.”
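
The renaming mitigation quoted above can be scripted for a fleet of Windows machines; the following PowerShell is an added example, not code from Adobe or from the original article. The `.disabled` suffix, the `-Revert` switch and the extra lookup under `Program Files (x86)` are assumptions made for the example, and the script needs an elevated prompt (add `-WhatIf` to preview the changes).

```powershell
# Added example: apply (or undo) the authplay.dll rename mitigation on default install paths.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Revert   # restore the original file name once the vendor update is installed
)

# Relative paths taken from the advisory text quoted in the article.
$relativePaths = @(
    'Adobe\Reader 9.0\Reader\authplay.dll',
    'Adobe\Acrobat 9.0\Acrobat\authplay.dll'
)

# Assumption: on 64-bit Windows the products may sit under "Program Files (x86)".
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } | Select-Object -Unique

$suffix = '.disabled'   # hypothetical marker appended to the renamed DLL

foreach ($root in $roots) {
    foreach ($rel in $relativePaths) {
        $dll      = Join-Path $root $rel
        $disabled = "$dll$suffix"
        if ($Revert) { $source = $disabled; $target = $dll }
        else         { $source = $dll;      $target = $disabled }

        if (-not (Test-Path -LiteralPath $source)) {
            Write-Verbose "Not present: $source"
            continue
        }
        if (Test-Path -LiteralPath $target) {
            # Never overwrite: an installer may have dropped a fresh copy since the rename.
            Write-Warning "Skipping $source because $target already exists"
            continue
        }

        $newName = Split-Path $target -Leaf
        $version = (Get-Item -LiteralPath $source).VersionInfo.FileVersion
        if ($PSCmdlet.ShouldProcess($source, "Rename to $newName")) {
            Rename-Item -LiteralPath $source -NewName $newName -ErrorAction Stop
            # Emit one record per change so the result can be logged or exported.
            [pscustomobject]@{
                Path        = $target
                FileVersion = $version
                Action      = $(if ($Revert) { 'restored' } else { 'disabled' })
            }
        }
    }
}
```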

