The Latest in IT Security

September Adobe Flash update patches critical vulnerabilities

22
Sep
2011

Adobe Flash logoAdobe has just released an update (APSB11-26) to its ubiquitous Flash software, revving it to version 10.3.183.10 for Windows, Mac, Solaris and Linux, and to version 10.3.186.7 for Android.

Today’s release fixes six vulnerabilities in Flash Player, one of which was being used in targeted attacks (CVE-2011-2444). This bug is a cross-site scripting flaw which could allow malicious web pages to take actions on behalf of the logged in user.

Adobe has rated this update as Critical. SophosLabs has assigned it a High rating.

SophosLabs has yet to see any samples in the wild, and notes that CVE-2011-2444 is not straightforward to exploit. Nevertheless, as Adobe reports, this vulnerability has been exploited, albeit only in targeted attacks so far.

Windows, Mac, Solaris and Linux users can download the latest Flash player from http://get.adobe.com/flashplayer.

Do watch out though. If adding the bloat of Flash to your browsing experience isn’t enough for you, Adobe has decided to default to bundling it with the Google Toolbar or McAfee trialware for Windows users.

Adobe Flash Player download page

You can untick the box before downloading if you don’t want these options.

Maybe that’s why Apple won’t support Flash on iDevices. No portable versions of Google Toolbar or McAfee?

Android users can download the latest Flash Player from the Android Marketplace and Google Chrome users were automatically updated on September 20, 2011 with protection against these flaws.

Leave a reply


Categories

WEDNESDAY, NOVEMBER 13, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments