The Latest in IT Security

Adobe Releases Out-of-Band Patch

22
Sep
2011

Adobe released an out-of-band security update to address six critical vulnerabilities, all affecting Adobe Flash Player.

One of the six, a cross-site scripting vulnerability identified as CVE-2011-2444, is reportedly being exploited in the wild. The bug is reportedly being used in targeted attacks that involve malicious links sent out to targets through email messages.

Adobe attributed the discovery of CVE-2011-2444 to Google, who, in response to finding the vulnerability, issued an update for the Google Chrome browser to prevent attackers from exploiting the security hole.

Users are strongly advised to apply the patches as soon as possible, especially since exploiting any the addressed vulnerabilities can lead to either remote code execution, or information disclosure.

Note that users who utilize multiple browsers may need to update their other browsers separately. Users can visit this page through all their browsers to check if they have the latest version of Adobe Flash Player installed, and this page to update. Here is the list of Adobe Flash Player versions affected by vulnerabilities addressed in this update:

  • Flash Player 10.3.183.7 and earlier
  • Flash Player 10.3.183.7 and earlier for network distribution
  • Flash Player 10.3.186.6 and earlier for Android
  • Flash Player 10.3.183.7 and earlier for Chrome users

We will update this post once we find more information about the exploit.

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments