Fix in for 'critical' Flash player flaws

Adobe releases patches for Macromedia's Flash Player, used to view Web video clips, and its Breeze Meeting conferencing tool.

Dawn Kawamoto
Dawn Kawamoto Former Staff writer, CNET News
Dawn Kawamoto covered enterprise security and financial news relating to technology for CNET News.
Adobe Systems has issued a patch for critical security flaws in its Macromedia Flash Player that could allow malicious attackers to take control of systems.

The vulnerabilities in the application affect Flash Player versions 8.0.22 or earlier, as well as Breeze Meeting add-in version 5.0 or earlier, according to an advisory from the software maker. The player software enables people to view Flash movies or animations on Web sites, while Macromedia's Breeze Meeting is a Web conferencing tool that uses Flash Player.

People who inadvertently load a malicious file format (SWF) into their Flash Player could enable an intruder to execute arbitrary code on their systems via a Web browser, e-mail client or other applications.

Adobe describes the security update as "critical" and is urging people to download the patch from its Web site.

The San Jose, Calif.-based company, which recently acquired Macromedia, the maker of the affected applications, credited Microsoft with reporting the flaws. Microsoft itself also issued an advisory on the Adobe Flash Player flaws.