Adobe to release emergency patch for Flash tomorrow, while Reader and Acrobat remain exposed until the end of this month

News by Dan Raywood

Adobe has said that it will issue a patch for the Flash Player vulnerability by tomorrow.

Adobe has said that it will issue a patch for the Flash Player vulnerability by tomorrow.

In an update David Lenoe, product security program manager at Adobe, said that the company had updated the security advisory posted on Friday to include the planned schedule for a patch to resolve CVE-2010-1297, and that it plans to make available an update for Flash Player 10.x for Windows, Macintosh and Linux by 10th June 2010.

However a date for Flash Player 10 for Solaris is still to be determined, and Adobe is expected to provide an update for Adobe Reader and Acrobat 9.3.2 for Windows, Macintosh and Unix by 29th June.

He said: “Please note that the Acrobat and Reader update represents an accelerated release of the next quarterly security update originally scheduled for 13th July. With this accelerated schedule we do not plan to release any new updates for Adobe Reader and Acrobat on 13th July.”

The company previously warned of a critical vulnerability in Flash Player and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and Unix operating systems.

It said that the vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player, Adobe Reader and Adobe Acrobat.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike