Adobe patches yet another critical flaw in Flash

A critical flaw in Adobe's Flash player will be patched tomorrow according to the company's latest security alert

Adobe has announced a vulnerability in Flash Player 10.2.153.1 and earlier versions (Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.

The flaw could cause a crash and allow an attacker to take control of the affected system and reports have spotted the vulnerabilty being used in the wild through both malicious web sites and Falsh files embedded in Microsoft Word documents delivered in mail messages.

Adobe says it will seed patches for Flash Player 10.2.x and earlier versions for Windows, Macintosh, Linux, and Solaris on Friday, April 15, 2011.

Updates for Adobe Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh, Adobe Reader X (10.0.1) for Macintosh, and Adobe Reader 9.4.3 and earlier 9.x versions for Windows and Macintosh will follow 'no later than the week of April 25, 2011'.

Adobe Reader X used in protected mode is unnafected by the exploit in its current form.

Topics