DV Hardware bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
December 4, 2016 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 65 people online.

 

Latest Reviews
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
ROCCAT Isku FX gaming keyboard
Prolimatech Magnetic Pin
 

Follow us
RSS
 

Adobe finds criticical vulnerability in Flash and Reader

Posted on Monday, June 07 2010 @ 16:25:26 CEST by


Adobe published a security advisory about a critical vulnerability in its Flash Player, Reader and Acrobat software. There are reports that this vulnerability is being actively exploited in the wild, and the company confirms the security hole could enable hackers to take over control of your PC.

The company is working on a fix but it's unknown when a patch will be available. The latest official versions of Adobe Flash Player, Reader and Acrobat are all affected, while Adobe Reader and Acrobat 8.x are confirmed not vulnerable. Additionally, Adobe also mentions that Flash Player 10.1 RC does not appear to be vulnerable.
A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. This advisory will be updated once a schedule has been determined for releasing a fix.

Affected software versions
Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX

MItigations

Adobe Flash Player
The Flash Player 10.1 Release Candidate available at http://labs.adobe.com/technologies/flashplayer10/ does not appear to be vulnerable.

Adobe Reader and Acrobat
Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF content.

The authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C: Program FilesAdobeReader 9.0Readerauthplay.dll for Adobe Reader or C: Program FilesAdobeAcrobat 9.0Acrobatauthplay.dll for Acrobat.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2016 DM Media Group bvba