Adobe Flash Flaw Could Give Attackers Full Control

[HardOCP News]

Another critical exploit has been found in Adobe Flash. The new exploit can allow attackers to take full control of your PC. How many critical flaws is this in the last few weeks, none of them are fixed and no word when they will be? Nice.

Adobe wasn't immediately available for comment, but Tuesday afternoon confirmed the vulnerability in its Flash software on all platforms. The vulnerability is in Adobe Flash Player 10.0.12.36 and earlier versions. Adobe rates the vulnerability as critical.

 

[Toytown]

Im guessing the latest flash player 10.0.22.87 doesn't contain the exploit? In which case it is fixed

 

[Pixelated]

I somehow doubt it since this article is from today right?.

 

[SamuraiInBlack]

Dammit, I just got my Flash Player update notice today too!

Hope it was an update post-discovery and thus already patched. But seeing its Adobe....flip a coin I guess.

 

[Track Drew]

According to Adobe's page: http://www.adobe.com/support/security/bulletins/apsb09-01.html, it only affects "Adobe Flash Player 10.0.12.36 and earlier".

They recommend upgrading to the newest version, 10.0.22.87.

There is also a new patched version of Adobe 9 for those who cannot upgrade for whatever reason.

 

[JimmyNeutron]

How do you check what version of Adobe Flash you're running? I don't see a Flash folder under

Program Files
or
Program Files (x86)

I'm running Vista 64bit

Thanks!

 

[Methadras]

I know this may be controversial but I'd like to know how this hack is exploited. Anyone know?

 

[3991vhtes]

Thanks for the heads up

 

[Track Drew]

How do you check what version of Adobe Flash you're running?

From the link in my previous post:

"To verify the Adobe Flash Player version number, access the About Flash Player page,"

http://www.adobe.com/products/flash/about/

You can have different versions running between IE and Firefox, so both should be patched.

 

[Dunno]

Adobe Reader is ubiquitous because Adobe, for some strange reason, managed to convince the world that .PDFs ARE Adobe Reader files!?

Why they wanted to be ubiquitous and have there shity, slow reader app on more computers than have windows on them... then... bend over and take it boys!

I use Foxit Reader to read .PDFs.
http://www.foxitsoftware.com/pdf/reader_2/down_reader.htm
What takes 30 seconds and half a meg of web traffic to open with Adobe, takes 1 second with Foxit!
And no security issues!
(be sure to click help> update and choose the .jpg viewer)

There are many others.
If all the different readers were evenly distributed the hackers would not pick on it!
Why did Adobe choose to push theirs so hard (a costly business) if it really is.... free.....??
What is all that web traffic every time you start it???

Perhaps [H] should do a writeup on alternatives!

 

[eggrock]

Hopefully they're working on a 64-bit version instead of patching bugs. That way they'd at least be doing something useful.

Odds are they're spending all their time planning new CS bundles.