Critical zero-day vulnerability found in Adobe Flash, Reader, Acrobat

Adobe
There’s more bad news for the users of Adobe’s products, as the company has just advised that it has discovered critical security vulnerabilities in versions of Adobe Flash Player, Adobe Reader and Adobe Acrobat.

According to an advisory published by the firm, the vulnerabilities can be exploited by malicious hackers to run malicious code on victims computers.

Adobe says that version 10.1.85.3 and earlier of Flash Player for the Windows, Macintosh, Linux and Solaris operating systems are vulnerable. In addition, Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component that ships with Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX operating systems are at risk.

Finally, Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh operating systems are also vulnerable.

Adobe says it is working on fixing the as-yet unpatched vulnerability, and hopes to provide an update for Flash Player 10.x (for the Windows, Macintosh, Linux, and Android platforms) by November 9th. Adobe Reader and Acrobat 9.4 and earlier are scheduled to be updated during the week of November 15th for Windows and Mac OS X.

Of course, that’s some time away – and in the meantime it wouldn’t be a surprise at all to hear of more malicious hackers attempting to exploit these vulnerabilities. Bad news for Adobe’s customers is, of course, bad news for Adobe.