CERT mailing list archives
Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat
From: Current Activity <us-cert () us-cert gov>
Date: Tue, 12 Apr 2011 10:54:34 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Original release date: April 12, 2011 at 10:39 am Last revised: April 12, 2011 at 10:39 am Adobe has released security advisory APSA11-02 to alert users of a vulnerability affecting the following Adobe products: * Flash Player 10.2.153.1 and earlier versions for Windows, Macintosh, Linux, and Solaris * Flash Player 10.2.154.25 and earlier versions for Chrome * Flash Player 10.2.156.12 and earlier versions for Android * the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. The Adobe advisory indicates that this vulnerability is currently being exploited in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment. However, the method of attack can change at any time. At this time, Adobe has not released a fix to mitigate this vulnerability. US-CERT encourages users and administrators to do the following to help mitigate the risks until a fix becomes available: * Review Adobe security advisory APSA11-02. * Exercise caution when opening unsolicited email attachments. * Refer to the Using Caution with Email Attachments Cyber Security Tip for more information on safely handling email attachments. US-CERT will provide additional information as it becomes available. Relevant Url(s): <http://www.us-cert.gov/cas/tips/ST04-010.html> <http://blogs.adobe.com/psirt/2011/04/security-advisory-for-adobe-flash-player-adobe-reader-and-acrobat-apsa11-02.html> ==== This entry is available at http://www.us-cert.gov/current/index.html#adobe_releases_security_advisory_for7 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTaRnnj6pPKYJORa3AQKLHgf/RL3xp1tlmVWOnWGy/lPUipAOr7BO9Mdl blMt4OKFK1k1qW3RFitQ1XzfsZXcPGu0+F3wqJ1jvnctIdo6GKE3Y2X+YYjaM2DV 9onSM2M34I4MogMMAMQN8W5uOrATJGWoeNKZUHZNJ29l4wIe3ax/gXcahJHqiq70 Kzkhr30CutNnF5MdzHkGzuAA2Ymk3w7Qfl86DxP3NwNWuQHlJdLBD+qCLis1Ggha rX3WJV4yHhOmkJPx966OnBuNRwCVEdw+3/7PMGGmS+2u8k74sNRAKHdG232BZZkq r0oFYoA+FaMYY7t7BgyrBVPIx578pzkwRhwM5TM1PZe4PGe4uD/wnw== =49PL -----END PGP SIGNATURE-----
Current thread:
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Mar 15)
- <Possible follow-ups>
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Apr 12)
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Apr 12)
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Apr 15)