Flash Player, Adobe Reader and Adobe Acrobat Plagued by Critical, Actively Exploited Vulnerability
Article by George Norman
On 07 Jun 2010
Several of Adobe’s products are plagued by a critical security vulnerability announced the California-based company that specializes in creating multimedia and creativity software products. Adobe Flash Player, Adobe Reader and Adobe Acrobat are all plagued by a vulnerability which, if exploited by a person with malicious intent, could give the attacked control of the targeted machine.

“A critical vulnerability exists in Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems,” announced Wendy Poland on behalf of the Adobe Product Security Incident Response Team (PSIRT).

Advertising

The following Adobe products are affected:
- Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris.
- Adobe Reader 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX
- Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX.

Adobe Reader 8.x and Adobe Acrobat 8.X are not vulnerable. Flash Player 10.1 Release Candidate seems to be unaffected as well (Adobe said it “does not appear to be vulnerable”).

Here comes the even worse news: there are reports that the vulnerability is being actively exploited in the wild. A patch for the vulnerability has not been released yet. Adobe did roll out a security advisory to help users mitigate the vulnerability. The mitigations include switching to Flash Player 10.1 RC, which is available for download here, and deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x. Usually the file is located in C:/Program Files/Adobe/Reader 9.0/Reader/authplay.dll for Adobe Reader or C:/Program Files/Adobe/Acrobat 9.0/Acrobat/authplay.dll for Acrobat.

Director of Product Security with Adobe, Brad Arkin said that the company is working hard on a patch. Arkin could not say when the patch would be rolled out to Flash Player, Adobe Reader and Adobe Acrobat users.

Update May 8: Adobe announced when it plans to release a patch for this vulnerability. Read more here .



Tags: Adobe, Flash Player, Adobe Reader, Adobe Acrobat, Security, Vulnerability
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 31 May 2017
Having lots of devices connected to your network and the internet isn't a problem, as long as you keep the bad guys out of the picture. That’s crucial, because they'll exploit any vulnerability that they can find.
By George Norman on 17 Jul 2017
If you want top notch protection for your Windows computer, you can’t go wrong by getting something developed by the internationally renowned security company Kaspersky Lab. The problem is that…
By George Norman on 26 Jul 2017
Top-notch real-time protection against viruses doesn’t have to cost money, not if you go with the recently introduced Kaspersky Free antivirus solution. It may not come with a lot of bells and whistles, but it nicely covers all the basics and...
By George Norman on 31 Jul 2017
Are people taking better care of their passwords, or have their password habits changed for the worse? To get an answer to that question, data loss prevention software company Digital Guardian surveyed a thousand people about their password security habits and found that...
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Flash Player, Adobe Reader and Adobe Acrobat Plagued by Critical, Actively Exploited Vulnerability
HTML Linking Code