Posted on Wednesday, August 22 2012 @ 19:25 CEST by Thomas De Maesschalck
Adobe Flash and AIR users are urged to update as soon as possible to yet another new release due to the discovery of more critical security vulnerabilities. The vulnerabilities affect Windows, Mac, Linux, Chrome OS and Android, the patch plugs four memory corruption bugs, an integer overflow vulnerability, and a cross-domain information leakage flaw. The update follows hot on the wheels of the security patch that was issued just last week.
In its notification regarding the updates, Adobe admitted to the seriousness of the issues. 'These updates address vulnerabilities that could case a crash,' the company explained, 'and potentially allow an attacker to take control of the affected system.'
That latter, of course, is the key: while system crashes are irritating, the flaws in Flash and AIR mean that an attacker could potentially load a malicious file into a website and automatically execute arbitrary code on visiting systems - potentially taking full control of the targets with very little effort.
Source: Bit Tech
