Article

Adobe fixes Flash Player zero-day vulnerability

SearchSecurity.com Staff

Adobe Systems Inc. has issued an out-of-band security patch for Flash Player, blocking a serious zero-day vulnerability that could enable an attacker to take complete control of a victim's system.

The vulnerability affects Flash Player 10.1.82.76

    Requires Free Membership to View

and earlier versions for Windows, Macintosh, Linux, Solaris, and Android operating systems. In an Adobe security advisory issued Monday, the company said the flaw could cause Flash Player to crash, enabling an attacker to execute code on a victim's system.

The Flash Player vulnerability also affects Adobe Reader and Adobe Acrobat 9.3.4 for Windows, Macintosh and Unix.

"There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows," Adobe said in its advisory. "Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date."

Adobe said it would issue an update for Reader and Acrobat the week of Oct. 4, a week ahead of the applications' scheduled quarterly patch release. The company said those using Adobe Reader or Acrobat 9.3.4 or earlier on Windows can use Microsoft's Enhanced Mitigation Evaluation Toolkit (EMET) to help prevent the vulnerability from being exploited.

~Robert Westervelt


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: