Tag Archives: ad0be

Time to Patch Your Flash

April 15, 2011
47 Comments

If it seems like you just updated your Flash Player software to plug a security hole that attackers were using to break into computers, you’re not probably not imagining things: Three weeks ago, Adobe rushed out a new version to sew up a critical new security flaw. Today, Adobe issued a critical Flash update to eliminate another dangerous security hole that criminals are actively exploiting.

This new update addresses a vulnerability first detailed here at KrebsOnSecurity.com on Tuesday, and Adobe deserves credit for responding quickly with a patch. But there are few things that are simple about updating Flash, which ships in a dizzying array of version numbers and for many users must be deployed at least twice to cover all browsers. In addition, users may have to uninstall the existing version before updating to guarantee a trouble-free install. Also, Adobe Air will need to be updated if that software also is already installed. Finally, fixing this same vulnerability in Adobe Reader and Acrobat will require installing another patch, which won’t be out for at least another 10 days.

Critical Security Updates for Adobe Acrobat, Flash, Reader

March 21, 2011
33 Comments

Adobe today released a software update to plug a critical security hole in its Flash Player, Adobe Acrobat and PDF Reader products. The patch comes a week after the software maker warned that miscreants were exploiting the Flash vulnerability to launch targeted attacks on users.

The Flash update address a critical vulnerability in Adobe Flash Player version 10.2.152.33 and earlier versions (Adobe Flash Player version 10.2.154.18 and earlier versions for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android.