Recently Reported Adobe Reader, Acrobat, Flash Player Vulnerability is 8 Months Old
The Adobe Reader 9.1.2, Acrobat Reader 9.1.2, Adobe Flash Player 9, and Adobe Flash Player 10 security vulnerability that came to light earlier this month, the vulnerability that has been acknowledged by the California-based company that specializes in creating multimedia and creativity software products, is not new after all. According to recent reports, it was something that Adobe’s security response team knew about for 8 months.
The security hole was initially brought to light on the 31st of December, 2008, but at the time it was erroneously diagnosed as a “data loss corruption” issue. Just because Adobe misdiagnosed the issue, this does not mean hackers and other people with malicious intent did the same. Quite the opposite – they started to use the security hole to attack vulnerable systems. When Adobe got wise to this fact, it locked access to the bug ticket and posted a note saying that it has been reclassified as a security bug and a patch will be issued in the future.
If you are not familiar with the security vulnerability in question, here is a brief description: it affects Adobe Reader and Acrobat 9.1.2 and earlier 9.x versions; Adobe Flash Player 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions, it has been rated by Adobe as critical, and a patch is supposed to be rolled out on July 30th (for Flash Player v9 and v10 for Windows, Macintosh, and Linux) and July 31st (for Adobe Reader and Acrobat v9.1.2 for Windows, Macintosh, and UNIX).
According to PSIRT (Adobe Product Security Incident Response Team) the vulnerability affects Flash Player and the authplay.dll component in Adobe Reader and Adobe Acrobat and could “cause a crash and potentially allow an attacker to take control of the affected system.” PSIRT also said that it is aware that the vulnerability is being actively exploited in the wild, albeit via limited, targeted attacks.
Tags: Adobe, Adobe Reader, Acrobat, Adobe Flash Player
The security hole was initially brought to light on the 31st of December, 2008, but at the time it was erroneously diagnosed as a “data loss corruption” issue. Just because Adobe misdiagnosed the issue, this does not mean hackers and other people with malicious intent did the same. Quite the opposite – they started to use the security hole to attack vulnerable systems. When Adobe got wise to this fact, it locked access to the bug ticket and posted a note saying that it has been reclassified as a security bug and a patch will be issued in the future.
Advertising
If you are not familiar with the security vulnerability in question, here is a brief description: it affects Adobe Reader and Acrobat 9.1.2 and earlier 9.x versions; Adobe Flash Player 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions, it has been rated by Adobe as critical, and a patch is supposed to be rolled out on July 30th (for Flash Player v9 and v10 for Windows, Macintosh, and Linux) and July 31st (for Adobe Reader and Acrobat v9.1.2 for Windows, Macintosh, and UNIX).
According to PSIRT (Adobe Product Security Incident Response Team) the vulnerability affects Flash Player and the authplay.dll component in Adobe Reader and Adobe Acrobat and could “cause a crash and potentially allow an attacker to take control of the affected system.” PSIRT also said that it is aware that the vulnerability is being actively exploited in the wild, albeit via limited, targeted attacks.
Tags: Adobe, Adobe Reader, Acrobat, Adobe Flash Player
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 10 Feb 2012
With the release of Wolfram|Alpha Pro, the team behind the popular computational knowledge engine took a very big step forward
By George Norman on 10 Feb 2012
Microsoft has just announced that this February, as part of the Patch Tuesday program, it will roll out a grand total of 9 security bulletins to all customers all over the world.Related News
By George Norman on 09 Sep 2011
Adobe, California-based company that specializes in creating multimedia and creativity software products supports its products for a time period of five years. The company announced yesterday
By George Norman on 19 Oct 2011
Adobe, California-based company that specializes in creating multimedia and creativity software products, announced earlier this week that it released Adobe Reader version 10.1 for the Apple-developed iOS operating system and for the Google-developed Android operating systemAdvertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Recently Reported Adobe Reader, Acrobat, Flash Player Vulnerability is 8 Months Old
HTML Linking Code
HTML Linking Code