Adobe flashes security updates

Adobe Systems issues three critical security updates designed to address vulnerabilities in its Flash Player.

Adobe Systems this week issued three critical security updates designed to address vulnerabilities in its Flash Player, according to a security advisory issued by the company.

Adobe Flash Player, and, as well as their earlier versions running on all platforms, are affected.

Users loading a malicious vector graphics file format (SWF) in their Flash Player may find attackers exploiting security flaws due to an input validation error in and earlier versions, according to a security advisory by Secunia. Attackers, as a result, can gain remote access to a user's system.

In versions and earlier running on Linux and Solaris, malicious attackers could exploit an error in the interaction between the Flash Player with certain browsers. As a result, that could potentially lead to a leaking of key strokes to a Flash Player applet, Secunia noted. Flash Player 9 is not affected.

Versions and earlier contain a bug due to insufficient validation of the HTTP referer. As a result, an attacker could execute a cross-site forgery attack. Flash Player 9, however, is not affected.

Adobe recommends that users upgrade to for Windows, Mac and Solaris, or for Linux.

Adobe Flash Player 9 is the recommended solution for the other two versions that contain security flaws.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Man flies 54-propeller superdrone, almost flips it, Ep. 217

This week on Crave, we walk you through a futuristic new automated restaurant in San Francisco, get navigation directions from the sultry voice of Stephen Colbert on Waze, and fly a drone with 54 propellers that can carry a full-grown man. It's the Crave show!

by Stephen Beacham