Adobe Patches Flash Player Vulnerability Earlier Than Expected
Adobe Systems released a patch for a zero-day vulnerability in Flash Player ahead of schedule.Adobe Systems pushed out a fix for an Adobe Flash Player zero-day faster than expected. Initially expected to come out the week of Sept. 27, today's patch fixes a vulnerability the company warned Sept. 13 had come under attack. Though the attacks have targeted Flash on Windows, the flaw impacts versions 10.1.82.76 and earlier on Windows, Macintosh, Linux and Solaris, as well as version 10.1.92.10 on Android. Adobe Reader and Acrobat versions 9.3.4 and earlier on Windows and Macintosh systems are affected as well, as are Reader versions 9.3.4 and earlier on Unix.
"This vulnerability (CVE-2010-2884) could use a crash and potentially allow an attacker to take control of the affected system," according to the Adobe advisory. "There are reports that this vulnerability is being actively exploited in the wild against Flash Player on Windows. Adobe is not aware of any attack exploiting this vulnerability against Adobe Reader or Acrobat to date."