Critical vulnerability found in Adobe Flash and Acrobat


Adobe has released an advisory regarding a critical vulnerability found in Flash and Acrobat.

The vulnerability, found in authplay.dll can allow an attacker to crash and potentially control an affected system. There is not currently an official patch, but Adobe has stated that renaming, deleting or controlling access to authplay.dll mitigates the threat and is a stop-gap until a patch can be released.

Affected versions include; Adobe Flash Player, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris
Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX.

The Flash 10.1 release candidate does not "appear" to be affected, which seems to be pretty ambiguous wording for a potentially dangerous vulnerability. Adobe will be updating advisory information as a patching schedule becomes available.


Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.