Adobe To Push Emergency Fix For Flash Bug

Trailrunner7 writes "Adobe has moved up the release date for the patch for the critical bug in Adobe Flash Player revealed last week, and now plans to have an emergency fix ready on Thursday. The company still plans to patch Reader two weeks from now. The vulnerability in Flash also exists in Reader and researchers said last week that attackers had already begun exploiting the bug in Reader by the time that Adobe acknowledged the problem and published an advisory. At the time of the initial advisory, Adobe officials said they planned to release a patch for Flash on Nov. 9 and for Reader on Nov. 15."

Re:I have a question

[Codename+Dutchess]

I would imagine that there is a certain amount of testing with any software patch thats released.

Re:I have a question

[FranTaylor]

It's good that they are doing it so often.

It must cost them a small fortune every time.

Hopefully someone there who signs checks is getting tired of it all and is pushing for changes.

Too late

I already replaced it with gnash and I am satisfied.

Re:Don't care...

Well if you really cared you could pass --safe-plugins to Chromium and sandbox Flash. It'll break some websites but YouTube works. Details: click. Linux details: click. On Linux the sandbox is using either chroot (SUID) or policies (AppArmor, SELinux, seccomp...).

Flash forces McAfee on you

[bubblegoose]

The Flash updater annoyed me the last time I ran it. The last update I applied snuck some Mcafee software on to my machine.

The flash updater now has the checkbox checked by default for mcafee security scan plus, and they moved the checkbox so you don't notice it when you are glancing at the installer.

Re:Flash forces McAfee on you

Click to download, DONT accept their stupid "Download Assistant" and start clicking through the support pages...eventually you'll find the executables in the clear...

http://kb2.adobe.com/cps/855/cpsid_85599.html

Re:Flash forces McAfee on you

[Tynin]

The Flash updater annoyed me the last time I ran it. The last update I applied snuck some Mcafee software on to my machine.

Thank you greatly for posting this. On my workstation I had an Adobe Flash Updater pop up on me in the last week or 2, I let it run and do it's thing. So, the next day at work I noticed Mcafee Security Scan (or some such) on my computer, I thought it was strange and even double checked that the corporate mandated Symantec was still installed and running. I just chalked it up to some manager deciding to inflict the masses with another ill conceived GPO push. I meant to question our helpdesk about it, but I glossed over it by the next day.

They must have really snuck that checkbox in very well, I'm pretty diligent with my usual "is this software trying to push additional crapware on me" scan for checkboxes and didn't see it. I often expect them in pretty much everything these days (I'm looking at you Java), but I hadn't noticed the Flash Updater sneaking them in before.

Where do I click ..

[viralMeme]

Where do I click to get 'infected`, besides there is no authplay.dll on my computer.

"A critical vulnerability has been identified in Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris; Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component that ships with Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX" link

Shockwave Flash 10.1 on Ubuntu 10.10 ..