Adobe reports 'critical' flaw in Flash, Acrobat

Security vulnerability could let attackers take control of people's computers. Adobe says there have been reports that the flaw is actually being exploited.

Adobe has issued a security advisory about a "critical" vulnerability in its Flash Player and Adobe Reader and Acrobat products that it says could let attackers take control of people's computers.

The company said late Friday that there had been reports of the hole actually being exploited and that an official patch was not yet available.

Affected software includes:

  • Adobe Flash Player, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris
  • Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh, and Unix

The company said that the Flash Player 10.1 Release Candidate does not seem to be vulnerable and that Adobe Reader and Acrobat 8.x are confirmed not vulnerable.

Adobe didn't say when an official fix would be released, but according to the company, computer users can mitigate the Flash issue by downloading the release candidate mentioned above. The Acrobat and Reader issue can be addressed by "deleting, renaming, or removing access to the authplay.dll file" that ships with those products, Adobe said. This will, however, cause a nonexploitable crash or error message if a user opens a PDF file that contains SWF content. The .dll file is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat, Adobe said.

The complete security advisory is available here.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Details about Apple's 'spaceship' campus from the drone pilot who flies over it

MyithZ has one of the most popular aerial photography channels on YouTube. With the exception of revealing his identity, he is an open book as he shares with CNET's Brian Tong the drone hardware he uses to capture flyover shots of the construction of Apple's new campus, which looks remarkably like an alien craft.

by Brian Tong