Hackers have found yet another critical vulnerability in Flash and Adobe Reader and Acrobat, reports CNET News. According to a company blog post:
A critical vulnerability exists in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems; Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component that ships with Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX operating systems, and Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh operating systems.
Adobe says the vulnerability is being actively exploited against Adobe Reader and Acrobat 9.x, but so far, the company is not aware of attacks targeting Adobe Flash Player. Techtree.com notes that a fix for the issue for Flash Player 10.x will be released by Nov. 9. Adobe Reader, Acrobat 9.4 and earlier 9.x versions will get an update around Nov. 15.
In related news, Softpedia reports that Adobe has patched several critical Shockwave vulnerabilities following reports last week of a critical bug in the player that affects both Windows and Macintosh PCs.
These days, it seems rare that a week goes by without a report of some sort of Adobe vulnerability. InfoWorld's Ted Samson says:
there must be a point at which the companies and end users will lose faith in Adobe products to the point of shunning them ...