Adobe Fixes Critical Flash Vulnerabilities

Both Windows and Mac systems are affected.

SAN FRANCISCO -- Adobe Systems has patched a number of critical vulnerabilities in its Flash media player that attackers could use to take over an affected system. The bugs are severe enough that Microsoft, which distributes the Flash software with its Windows operating system, has warned its customers of the issue.

Theoretically, attackers could exploit the bugs by tricking a user into loading a maliciously encoded Flash movie file, which would have a .swf extension, Adobe said in its advisory, posted Tuesday.


What Software Is Affected

The vulnerabilities can be found in Flash Player versions 8.0.22 and earlier, in Breeze Meeting versions 5.1 and earlier, and in Shockwave player versions 10.1.0.11 and earlier.

Adobe's advisory credits Microsoft with discovering the vulnerabilities, but both the Windows and the Macintosh OS X operating systems are affected by the problem, according to Adobe.

The Flash format is a popular technology used for viewing and designing Web animation, and the Flash Player is widely distributed as a plug-in component for Web browsers. Flash was developed by Macromedia, which Adobe acquired last year.

Microsoft's security advisory may be found here.

Related Links:

• Go back to category System & Utilities to read more reviews and articles.
• Go back to Software Magazine's main page.