Critical Vulnerability Affects Flash Player, Adobe Reader and Acrobat

By Angel Luis on June 8, 2010 (9 Comments)

adobereader Critical Vulnerability Affects Flash Player, Adobe Reader and Acrobat Adobe has found a critical vulnerability that affects Flash Player, Adobe Reader, and Acrobat.

Adobe informs that affected software include: Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris and Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX.

To be more clear Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows are affected.

As you notice Adobe Reader and Acrobat 8.x are not affected.

The company also informs that this vulnerability is being exploited so I recommend you continue reading.

Right now Adobe hasn’t launched a fix, but recommend to update to the:

Flash Player 10.1 Release Candidate

and delete, rename or remove access to the file authplay.dll that comes with Adobe Reader 9.x and Acrobat 9.x.

The file can be found at:

%programfiles%\Adobe\Reader 9.0\Reader\

for Adobe Reader and at:

%programfiles%\Adobe\Acrobat 9.0\Acrobat\

for Acrobat.

Once the file is removed you can face problems using PDF files with SWF content inside. I haven’t seen one of this before but I am sure they exist.

More information about the vulnerability here:

Security Advisory for Flash Player, Adobe Reader and Acrobat

http://www.adobe.com/support/security/advisories/apsa10-01.html

About Angel Luis

I am an Engineer of Telecommunications that love computers. My first computer was a Commodore 16kb, about 25 years ago and since then I am always fighting computers problems. Please visit my entries and ask me about whatever problem you have, I will be pleased to help you. My email is discoveryourpc [at] gmail [dot] com. You can follow me on twitter @agenlu or read my blog www.discoveryourpc.net

Continue Reading

Free PC tips by email

Search Windows Guides

Comments

Ang087
Thanks for the information. I'm confused on which flash player to download, though. There's a 10.1 release for Windows and a 10.1 release for Windows – ActiveX for Internet Explorer only. Right now, the version I have is Flash Player ActiveX 10.0.45.2,
It also says to uninstall the version 10.0.45.2 before you install 10.1 and offers a download for the uninstaller. So, since I have ActiveX 10.0.45.2, should I stay along that line and install the ActiveX 10.1 for Internet Explorer?
http://richr.org/ Rich
You should download both versions if you use other browsers like Chrome, Firefox etc. Otherwise, the Active X version will suit your needs for Internet Explorer.
Ang087
Sorry about this, but I also found this link:
http://www.adobe.com/devnet/flashplayer/article…
Okay, is this 10.1 update for mobile devices and netbooks with vulnerabilities only or does this also pertain to PCs and laptops?
- http://discoveryourpc.net Angel Luis
  If you follow the link you will enter on this site:
  http://labs.adobe.com/technologies/flashplayer10/
  On this page you can see that are diferent versions.
  If you read the information from Adobe it doesn’t talk about mobile devices so you can suppose they are not affected.
Ang087
Thanks, Rich! I need the Active X then since I only use Internet Explorer. I also went back to that link I provided and read it more thoroughly. I'll be installing the 10.1. :)
Ang087
Just providing some feedback. There were no complications with downloading or using the uninstaller for the current version of flash. I installed the 10.1 Active X version with no problems. I've visited Youtube and Universal Sports.com. I had no problem watching videos. :)
http://richr.org/ Rich
Great news! Thanks for letting us know how it worked out for you.
http://discoveryourpc.net Angel Luis
Adobe has released the update
http://www.adobe.com/support/security/bulletins…

Windows Tools, Help & Guides