Adobe has released an advisory regarding a critical vulnerability found in Flash and Acrobat.
The vulnerability, found in authplay.dll can allow an attacker to crash and potentially control an affected system. There is not currently an official patch, but Adobe has stated that renaming, deleting or controlling access to authplay.dll mitigates the threat and is a stop-gap until a patch can be released.
Affected versions include; Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris
Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX.
The Flash 10.1 release candidate does not "appear" to be affected, which seems to be pretty ambiguous wording for a potentially dangerous vulnerability. Adobe will be updating advisory information as a patching schedule becomes available.
61 Comments - Add comment