Flash Player 10.1 is Out, Get It Now
Article by George Norman
On 11 Jun 2010
Flash Player version 10.1 has just recently been rolled out and there is one very good reason why you should get it immediately – security. As you may remember, Adobe recently announced that Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris are plagued by a critical security vulnerability which, if exploited by a person with malicious intent, could give the attacker control of the targeted machine.

At the time Adobe said that Flash Player 10.1 RC was not vulnerable. The problem was that at the time Adobe Flash Player 10.1 was still an RC (Release Candidate) – now it has been released as a final, stable application. At least from a security point of view, you are well advised to get this latest version.

Advertising

Please note that the vulnerability that plagues Flash Player 10.0 and previous versions is being actively exploited in the wild. You should also note that Adobe Reader Adobe Reader and Acrobat 9.3.2 for Windows, Macintosh and UNIX are also affected by this critical vulnerability. Adobe said a patch will be issued by June 29.

It should definitely be noted that in total Flash Player 10.1 fixes more than 30 security issues. Here they are:
  • CVE-2010-1297 – A memory corruption vulnerability that could lead to code execution (this issue is being actively exploited in the wild). This is the vulnerability that made the headlines earlier this week.
  • CVE-2009-3793 - a memory exhaustion vulnerability that could lead to code execution
  • CVE-2010-2160 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2161 - an indexing vulnerability that could lead to code execution
  • CVE-2010-2162 - a heap corruption vulnerability that could lead to code execution
  • CVE-2010-2163 - multiple vulnerabilities that could lead to code execution
  • CVE-2010-2164 - a use after free vulnerability that could lead to code execution
  • CVE-2010-2165 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2166 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2167 - multiple heap overflow vulnerabilities that could lead to code execution .
  • CVE-2010-2169 - a pointer memory corruption that could lead to code execution
  • CVE-2010-2170 - an integer overflow vulnerability that could lead to code execution
  • CVE-2010-2171 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2172 - a denial of service issue on some UNIX platforms (Flash Player 9 only)
  • CVE-2010-2173 - an invalid pointer vulnerability that could lead to code execution
  • CVE-2010-2174 - an invalid pointer vulnerability that could lead to code execution
  • CVE-2010-2175 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2176 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2177 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2178 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2179 - a URL parsing vulnerability that could lead to cross-site scripting (Firefox and Chrome browsers only)
  • CVE-2010-2180 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2181 - an integer overflow vulnerability that could lead to code execution
  • CVE-2010-2182 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2183 - a integer overflow vulnerability that could lead to code execution
  • CVE-2010-2184 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2185 - a buffer overflow vulnerability that could lead to code execution
  • CVE-2010-2186 - a denial of service vulnerability that can cause the application to crash. Arbitrary code execution has not been demonstrated, but may be possible
  • CVE-2010-2187 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2188 - a memory corruption vulnerability that could lead to code execution
  • CVE-2010-2189 - a memory corruption vulnerability that could lead to code execution
  • Note: This issue occurs only on VMWare systems with VMWare Tools enabled
  • CVE-2008-4546 - A denial of service issue

Adobe Flash Player 10.1 is available for download here.




Tags: Adobe, Flash Player
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Flash Player 10.1 is Out, Get It Now
HTML Linking Code