Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat [telecom]

formatting link
Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat

added April 12, 2011 at 10:39 am | updated April 12, 2011 at 02:00 pm

Adobe has released security advisory APSA11-02 to alert users of a vulnerability affecting the following Adobe products:

  • Flash Player and earlier versions for Windows, Macintosh, Linux, and Solaris * Flash Player and earlier versions for Chrome * Flash Player and earlier versions for Android * the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh.

Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

The Adobe advisory indicates that this vulnerability is currently being exploited in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment. However, the method of attack can change at any time.

At this time, Adobe has not released a fix to mitigate this vulnerability. US-CERT encourages users and administrators to do the following to help mitigate the risks until a fix becomes available:

  • Review Adobe security advisory APSA11-02. * Exercise caution when opening unsolicited email attachments. * Refer to the Using Caution with Email Attachments Cyber Security Tip for more information on safely handling email attachments.

Additional information can be found in US-CERT Vulnerability Note VU#230057. US-CERT will provide additional details as they becomes available.

US-CERT Vulnerability Note VU#230057

formatting link

Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat

formatting link

Reply to
Monty Solomon
Loading thread data ... Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.