Adobe released a patch for its Flash Player last Friday that patches a critical security flaw in its multimedia playback platform that could potentially allow an attacker to gain control over the victim’s system. The flaw impacts Flash Player for Mac, Windows, Linux Solaris and Android.
Flash Player gets another security patch
According to Adobe Security Advisory ASPA11-07, the flaw impacts Flash Player 10.2.153.1 and earlier for Mac, Windows, Linux and Solaris users, version 10.2.154.25 for Google Chrome users, and 10.2.156.12 for Google Android OS users. The flaw is also present in Adobe Acrobat and Adobe Reader 10.x and 9.x.
Hackers can potentially gain access to user’s systems thanks to a flaw in the version of Authplay.dll that ships with the versions of Flash Player and Acrobat that are susceptible to the attack. So far, it appears that attacks that are currently in the wild are using specially crafted Flash SWF files embedded Web pages and in Microsoft Word documents and are targeting only Windows users.
Adobe Flash Player 10.2.159.1 (or 10.0.648.205 for Google Chrome users) addresses the security flaw and is available as a free update from the Adobe Web site. The patch for Acrobat and Adobe Reader users will be released as part of the company’s regularly scheduled quarterly security update set for June 14.