Money Matters, Simplified.
Adobe confirms critical vulnerability in Flash, Reader, Acrobat
by Jaspreet Virk - June 6, 2010 - comments
dobe added that the "vulnerability if exposed would allow malicious native-code to execute, potentially without a user being aware."
Hot on the heels of criticism by Apple Inc.'s Steve Jobs, Adobe Systems Inc. finally seems to be acknowledging problems in the current versions of its Adobe Reader, Acrobat and Flash Player software.
After Jobs hailed criticism at Adobe, highlighting the security flaws in Flash, San Jose, California based company has confirmed vulnerability in Adobe Flash Player 10.0.45.2 and earlier versions.
In a statement released on its website, the graphic design, publishing, and imaging software company stated that Flash player “versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems” could lead to system crash and allow hacker to take control of the affected system.
Though Adobe did not divulge when the fix will be released to plug security holes, it has advised users to download Flash Player 10.1 release candidate 7 for PCs and netbooks released June 2. Even Adobe Reader and Acrobat 8.x is not vulnerable, the company has confirmed.
The vulnerability is not widespread. The company has so far received two complaints of bugs attacking the systems.
Flawed software versions
The versions reported affected include Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions.
Further, vulnerability also exists in Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions.
Adobe added that the "vulnerability if exposed would allow malicious native-code to execute, potentially without a user being aware."
Though Adobe did not divulge when the fix will be released to plug security holes, it has advised users to download Flash Player 10.1 release candidate 7 for PCs and netbooks, released June 2. Even Adobe Reader and Acrobat 8.x is not vulnerable, the company has confirmed.
In case of Reader and Acrobat, Adobe has recommended users to rename or delete access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x.
Users report Flash 10.1 problems
Adobe in its security advisory has acknowledged the problems, and assured users of security with its latest version of Flash Player, but the problems do not end here.
In fact, many users who have installed Flash Player 10.1are facing numerous glitches.
For instance, a user named Rising_Sun666 took to Adobe's Support forum saying, "The new 10.1 Flash runs choppy for 1080p youtube videos. Tried since the beta and now i am at RC6 but 1080p mode isnt smooth as on the 10.0 Flash version and in some 1080p Videos i get frame dropping."
On the same lines another user named TechDudeGeorge commented that Flash 10.1 RC is "incrediblely bad," adding “For first trying to watch Live TV via sites on my computer and it just lags behind so much. I can't bare to watch it.”