Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Adobe Flash 0-Day

Posted by CmdrTaco on from the thats-not-gonna-work-out-well dept.

Trailrunner7 writes "Adobe is warning its users about a critical vulnerability in Flash that affects Adobe Reader and Acrobat, as well, and is being used in some highly targeted attacks right now. The vulnerability in Flash Player affects Reader and Acrobat, both of which include Flash functionality, but it does not affect Reader X. Adobe officials said that Reader X's Protected Mode sandbox would prevent successful exploits. The company plans to have a patch for the affected products ready by next week for all platforms, including Windows, Mac, Linux, Android and Solaris."

2 of 133 comments (clear)

  1. Shockwave flash file inside an excel spreadsheet? by 140Mandak262Jamuna · · Score: 4, Informative

    The attack vector is a excel spreadsheet delivered via an attachment that contains a swf file that has this vulnerability. Looks like it is not a drive by download. Not sure if the streamed flash videos have the vulnerability. It does not affect Win7. Affects XP. If it is leveraging some specific bug in excel and then a bug in flash, it is very specific to that combination. XP+Excel+Adobe. The rest of us can rest easy and enjoy a little bit of schadenfreude.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  2. who uses Adobe Reader anyways? by Ionized · · Score: 4, Informative

    Seriously, get FoxIt PDF reader. It's free, and approximately 5 million times faster than Adobe Reader.