News Stay informed about the latest enterprise technology news and product updates.

Adobe fixes Flash Player zero-day vulnerability

The critical Flash Player flaw is being actively exploited in the wild on Windows systems.

Adobe Systems Inc. has issued an out-of-band security patch for Flash Player, blocking a serious zero-day vulnerability that could enable an attacker to take complete control of a victim's system.

The vulnerability affects Flash Player and earlier versions for Windows, Macintosh, Linux, Solaris, and Android operating systems. In an Adobe security advisory issued Monday, the company said the flaw could cause Flash Player to crash, enabling an attacker to execute code on a victim's system.

The Flash Player vulnerability also affects Adobe Reader and Adobe Acrobat 9.3.4 for Windows, Macintosh and Unix.

"There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows," Adobe said in its advisory. "Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date."

Adobe said it would issue an update for Reader and Acrobat the week of Oct. 4, a week ahead of the applications' scheduled quarterly patch release. The company said those using Adobe Reader or Acrobat 9.3.4 or earlier on Windows can use Microsoft's Enhanced Mitigation Evaluation Toolkit (EMET) to help prevent the vulnerability from being exploited.

~Robert Westervelt

Dig Deeper on Productivity apps and messaging security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.