Security problems don’t just impact operating systems and Web browsers: any software that has a broad user base is going to be targeted by cybercriminals and attacks. Now Adobe has released a large patch to deal with security problems in Flash Player designed to mitigate attacks already being used “in the wild” on the Internet, and is urging all users to update their software as soon as possible. However, Adobe Reader and Acrobat updates won’t be available until the end of the month—if they want protection, they’ll have to manually remove a DLL from their software installations.
The problems addressed by the updates impact Adobe Flash Player 10.0.45.2 and earlier for Windows, Linux, Mac OS X, and Solaris; Adobe AIR 1.5.3.9130 and earlier for Windows, Mac OS X, and Linux; and Adobe Reader and Adobe Acrobat 9.x for Windows, Mac OS X, and Unux. (Adobe Reader and Acrobat 8.x aren’t impacted.) The update fixes some 32 vulnerabilities in Flash.
Adobe recommends users of Flash 10.0 update to Flash 10.1.53.64 from Adobe’s Flash Download Center; folks who can’t update to Flash 10.1 can also get a patched version of Flash Player 9.0.227.0.
Adobe expects to patch Adobe Reader and Acrobat 9.x by the end of June; in the meantime, users can mitigate the vulnerability by removing the AuthPlayLib.dll from the application; Adobe provides instructions for Mac OS X, WIndows, and Unix in a security bulletin. However, it must be noted that the Reader/Acrobat problem is already being exploited on the Internet, and folks who use the application would be well-advised not to wait until late June for an update from Adobe.
Editors' Recommendations
- Vital security update for Apple devices takes only a few minutes to install
- Update Google Chrome now to protect yourself from an urgent security bug
- Update Google Chrome now to patch this critical security flaw
- Nvidia warns owners of its GPUs about a dangerous security vulnerability
- How to enable Flash in Google Chrome