Adobe Flash Player Zero-Day Under Attack
Adobe Systems issues a security advisory warning users about attacks against a newly discovered vulnerability in Adobe Flash Player.For the second time in nearly a week, Adobe Systems is warning users about a zero-day vulnerability under attack. This time, the bug is in Adobe Flash Player. In a security advisory, the company said the flaw impacts versions 10.1.82.76 and earlier on Windows, Macintosh, Linux, Solaris and Android operating systems. The same vulnerability also impacts Adobe Reader and Acrobat versions 9.3.4 and earlier on Windows and Macs, though so far they are not known to have come under attack, Adobe said.
"This vulnerability (CVE-2010-2884) could use a crash and potentially allow an attacker to take control of the affected system," according to Adobe's Product Security Incident Response Team blog. "There are reports that this vulnerability is being actively exploited in the wild against Flash Player on Windows."