CERT mailing list archives

Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat

From: Current Activity <us-cert () us-cert gov>
Date: Fri, 15 Apr 2011 16:33:14 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat

Original release date: April 12, 2011 at 10:39 am
Last revised: April 15, 2011 at 4:20 pm


Adobe has released a security update for Adobe Flash Player to address
the vulnerability previously referenced in Adobe Security Advisory
APSA11-02. Exploitation of this vulnerability may allow an attacker to
execute arbitrary code or cause a denial-of-service condition. Adobe
has indicated that this vulnerability is currently being exploited in
targeted attacks via a Flash (.swf) file embedded in a Microsoft Word
(.doc) or Microsoft Excel (.xls) file delivered as an email
attachment. This vulnerability affects the following Adobe products:
  * Flash Player 10.2.153.1 and earlier versions for Windows,
    Macintosh, Linux, and Solaris
  * Flash Player 10.2.154.25 and earlier versions for Chrome
  * Flash Player 10.2.156.12 and earlier versions for Android
  * the Authplay.dll component that ships with Adobe Reader and
    Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows
    and Macintosh.

US-CERT encourages users and administrators to review Adobe Security
Bulletin APSB11-07 and upgrade to Adobe Flash Player 10.2.159.1 for
Windows, Macintosh, Linux, and Solaris. Google Chrome users should
update to Chrome 10.0.648.205 to address this vulnerability. Adobe AIR
users are encouraged to update to AIR 2.6.19140. The bulletin
indicates that Adobe plans to make updates available for Flash Player
for Android no later than the week of April 25, 2011.

Additional information can be found in US-CERT Vulnerability Note
VU#230057.

Relevant Url(s):
<http://www.kb.cert.org/vuls/id/230057>

<http://www.adobe.com/support/security/bulletins/apsb11-07.html>

<http://www.adobe.com/support/security/advisories/apsa11-02.html>

====
This entry is available at
http://www.us-cert.gov/current/index.html#adobe_releases_security_advisory_for7

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTairfT6pPKYJORa3AQIADgf8CElN6OsspifEJb6OYZiGZ/5OKb4GPe3O
d0FF+Yx9r/6+3P02Xw6RkNGAnu0zqVx8NbGfTPOnVPBKmS0E6sC5z4LJD0EgKlnu
ZtGL+Rkecy6jL1Xp6sJUs+oNHcha9lokERtvBorTvFp5uVw1y3B07zBabIxlRjWR
cv8+1FylNslxNPYZaddU8qrVxTzyYCYD2YMhJGu9WBZ9Nfq2Wl6X8IWC6HkJsmBb
UC9/Viqr9KL+8f3U4qk9WVQioBPoCfbQDQwAqWnzvmXNSRCoksCtWDtT3j2rrIbE
u99JTQbS6p6/KJz99z8Np1mNVsiFDleN9sb39Yc8pXgCfTXBvqQFzw==
=Z7L+
-----END PGP SIGNATURE-----

Current thread:

Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Mar 15)
- <Possible follow-ups>
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Apr 12)
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Apr 12)
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Apr 15)