Exploited bug doesn't exist in latest version of Flash

Despite earlier reports, version of Adobe Flash Player has no new bugs.

Michael Horowitz

Michael Horowitz wrote his first computer program in 1973 and has been a computer nerd ever since. He spent more than 20 years working in an IBM mainframe (MVS) environment. He has worked in the research and development group of a large Wall Street financial company, and has been a technical writer for a mainframe software company.

He teaches a large range of self-developed classes, the underlying theme being Defensive Computing. Michael is an independent computer consultant, working with small businesses and the self-employed. He can be heard weekly on The Personal Computer Show on WBAI.


Michael Horowitz

Old versions of Adobe Flash Player, perhaps the most widely used software in the world, contain known bugs that are being actively exploited online. If you are using any version of Flash Player, other than the latest, you should update to version as soon as possible.

Early reports from Symantec said the bug being exploited was a new one. Turns out this is not the case. On Thursday, Adobe said

"Despite various reports that have been circulating, the Flash Player Standalone and Linux Player are NOT vulnerable to the exploits discussed in conjunction with the previously disclosed vulnerability Symantec posted on 5/27/08. Symantec originally believed this to be a zero-day, unpatched vulnerability, but as their latest update on their Threatcon page indicates, they have now confirmed this issue does not affect any versions of Flash Player"

You can see which version of Flash Player is being used by your Web browser at the Adobe Flash tester page. You need to check every Web browser installed on your computer.

For instructions on updating Flash Player, see Time to update the Flash Player. Here's how. If you use the portable version of Firefox, see Portable Firefox and the Flash Player for instructions on updating Flash Player.

See a summary of all my Defensive Computing postings.