Adobe Releases Patch For Zero Day Flash Vulnerability

Software maker Adobe has released a security patch for the zero-day Flash vulnerability affecting its Reader and Acrobat software.

The company was expected to release the patch this week, but managed to get the update ready by April 21, possibly pushing it ahead of schedule due to the severity of the security vulnerability.

“There are reports that one of the vulnerabilities, CVE-2011-0611, is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat, as well as via a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment targeting the Windows platform,” the company said in a security advisory.

Adobe has released software security patches for Adobe Reader X for Mac and Adobe Reader, Adobe Acrobat and Adobe Acrobat X for Windows and Mac operating systems.

The company said that the Protected Mode on Adobe Reader X for Windows prevents the zero day vulnerability from being exploited. The patch that was released came outside of Adobe's normal quarterly update schedule; the next patch had been scheduled for June 14.

Adobe also stated that the vulnerability does not effect Adobe Reader for Android and Unix were not affected by the bug.