Adobe has just reported what it says to be a critical vulnerability that affects its popular Flash player. The vulnerability also seems to affect quite a few older versions of the Flash desktop player as well as the Android version, and also the one which is embedded within Google Chrome.
As you would expect, Adobe are already working on a fix to the problem. The reported attacks that can exploit the player seems to be when using an excel file that has an embedded flash SWF, and although Adobe has said that it also affects Android, there has been no reported case of this as of yet.
Below is the list of affected software versions that are affected by this vulnerability:
- Adobe Flash Player 10.2.152.33 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 10.2.154.18 and earlier for Chrome users
- Adobe Flash Player 10.1.106.16 and earlier for Android
- The Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.
Adobe has said that it expects a fix to be issued for the vulnerability sometime next week, should you run any of above mentioned version of the Flash Player, the update should happen automatically.