Adobe Releases Flash Security Fix (Early)

| News

Adobe announced Monday a security fix for Flash 10.1.x to address a serious issue that was first disclosed on September 13th, 2010. Adobe had announced at that time that a fix would be forthcoming on October 4th, making today’s release an early one.

The security flaw had been labeled critical, and it made it possible for the bad guys to take over a Mac or PC if they could lure you to a maliciously crafted Web page. It affects Flash player for Windows, Mac OS X, Linux, and Solaris, all of which were patched today.

The exploit also affects Adobe Reader, and the company has not yet released a fix for that product.

Comments

Bosco (Brad Hutchings)

If, like me, you use Chrome, the Flash plugin is built-in, and presumably, you’ll have to wait for Google to patch Chrome. It’s unclear whether the Flash security problem is actually a problem in Chrome, as each tab is run in its own process, presumably in a safer way than a regular application, as Google did this to make things more recoverable when web pages go bad.

I have seen Flash crash in a tab a couple of time and I could just reload the page and keep going. So anyway, that’s an angle that’s worth looking into.

Intruder

Glad to see they came out with a fix quickly. Good response on their part.

Nemo

Those who use Chrome will be happy to know that Adobe released the patch for Flash on Chrome to Google on 17 September 2010, three days earlier than it did for the rest of browser world.  See http://www.computerworld.com/s/article/9186638/Adobe_moves_up_Flash_fix_will_patch_bug_today?source=rss_news.

Log-in to comment