Adobe Makes Me Smile, Adobe Makes Me Frown
Adobe, the California-based company that specializes in creating multimedia and creativity software products, made me smile earlier this week when it unveiled version 10.1 of Adobe Flash Player for smartphone, smartbooks, netbooks, PCS and other devices that can access the internet. Adobe Flash Player 10.1 for Windows Mobile, Palm WebOS and desktop operating systems (Windows, Mac and Linux) will be released as a public developer Beta by the end of the year. Android and Symbian-powered devices will get the developer beta of the browser-based runtime in early 2010.
“Flash Player 10.1 is the first consistent runtime release of the Open Screen Project that enables uncompromised Web browsing of expressive applications, content and high definition (HD) videos across devices. Using the productive Web programming model of the Flash Platform, the browser-based runtime enables millions of designers and developers to reuse code and assets and reduce the cost of creating, testing and deploying content across different operating systems and browsers. Flash Player 10.1 is easily updateable across all supported platforms to ensure rapid adoption of new innovations that move the Web forward,” commented Adobe.
Then Adobe took the smile off my face. After announcing an privilege escalation issue in Photoshop Elements a couple of weeks ago, the company has announced yesterday that it is aware of a critical vulnerability which affects Adobe Reader and Acrobat 9.1.3. As a little side note, version 9.1.3 was released to plug critical vulnerabilities in Adobe Reader and Acrobat 9.1.2.
Adobe confirmed that the security hole is being exploited in the wild. A fix will be issued on the 13th of October.
“There are reports that this issue is being exploited in the wild in limited targeted attacks; the exploit targets Adobe Reader and Acrobat 9.1.3 on Windows. Adobe Reader and Acrobat 9.1.3 customers with DEP enabled on Windows Vista will be protected from this exploit. Disabling JavaScript also mitigates against this specific exploit, although a variant that does not rely on JavaScript could be possible. In the meantime, Adobe is also in contact with Antivirus and Security vendors regarding the issue and recommends users keep their anti-virus definitions up to date,” commented Program Manager, David Lenoe.
“Flash Player 10.1 is the first consistent runtime release of the Open Screen Project that enables uncompromised Web browsing of expressive applications, content and high definition (HD) videos across devices. Using the productive Web programming model of the Flash Platform, the browser-based runtime enables millions of designers and developers to reuse code and assets and reduce the cost of creating, testing and deploying content across different operating systems and browsers. Flash Player 10.1 is easily updateable across all supported platforms to ensure rapid adoption of new innovations that move the Web forward,” commented Adobe.
Then Adobe took the smile off my face. After announcing an privilege escalation issue in Photoshop Elements a couple of weeks ago, the company has announced yesterday that it is aware of a critical vulnerability which affects Adobe Reader and Acrobat 9.1.3. As a little side note, version 9.1.3 was released to plug critical vulnerabilities in Adobe Reader and Acrobat 9.1.2.
Adobe confirmed that the security hole is being exploited in the wild. A fix will be issued on the 13th of October.
“There are reports that this issue is being exploited in the wild in limited targeted attacks; the exploit targets Adobe Reader and Acrobat 9.1.3 on Windows. Adobe Reader and Acrobat 9.1.3 customers with DEP enabled on Windows Vista will be protected from this exploit. Disabling JavaScript also mitigates against this specific exploit, although a variant that does not rely on JavaScript could be possible. In the meantime, Adobe is also in contact with Antivirus and Security vendors regarding the issue and recommends users keep their anti-virus definitions up to date,” commented Program Manager, David Lenoe.
