Adobe Fixes Critical Flash Player Bug Affecting Reader
Last week we reported that Adobe admitted hackers were exploiting a bug in Flash Player that affects Adobe Reader and Acrobat. Today Adobe released a fix for the critical vulnerability.
The bug allowed attackers to crash a system or take control of it. Adobe said that it is not conscious of attacks targeting Adobe Reader and Acrobat and noted that Adobe Reader X Protected Mode, a sandboxing technique, prevents this type of exploit from executing.
For Windows, Mac, Linux and Solaris operating systems, the bug is present in Adobe Flash Player 10.2.152.33 and earlier versions. In Chrome it is 10.2.154.18 and earlier versions and for Android it is version 10.1.106.16 and earlier according to the bulletin.
A different bulletin fixes a related critical vulnerability in the authplay.dll component that ships with Adobe Reader and Acrobat X (10.01.1) and earlier 10.x and 9.x versions for Windows and Mac operating systems.
"Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, we are planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011." the company said.
Google's Chrome was the first to patch the Adobe Flash risk last week.