July 23, 2009 12:41 PM PDT

Adobe to fix critical Flash hole next week

by Elinor Mills


Adobe said Thursday that it will issue fixes next week for a critical hole in Flash that is being exploited in attacks against Adobe Reader version 9 on Windows.

The vulnerability exists in current versions of Flash Player for Windows, Macintosh, and Linux and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for those same platforms, Adobe said in an advisory.

The vulnerability could cause a system to crash or allow an attacker to take control of the computer, Adobe said.

An update for Flash Player v9 and v10 for Windows, Mac, and Linux will be released by July 30, while a fix for Solaris is pending. Adobe should have an update for Reader and Acrobat v9.1.2 for Windows, Macintosh, and Unix by July 31.

An attacker can exploit the vulnerability by luring someone to a Web site hosting a specially crafted Shockwave Flash file, US-CERT said in an advisory Thursday.

"The Adobe Flash browser plug-in is available for multiple Web browsers and operating systems, any of which could be affected," CERT said. "An attacker could also create a PDF document that has an embedded SWF file to exploit the vulnerability. This vulnerability is being actively exploited."

The vulnerabilities can be mitigated by disabling the Flash plug-in or by using the NoScript extension for Mozilla Firefox or SeaMonkey to whitelist sites that can access the Flash plug-in, CERT said.

To disable Flash, US-CERT recommends:

• Disabling Flash in Adobe Reader 9 on Windows platforms by renaming the following files: "%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll" and "%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll".

• Disabling Flash Player or selectively enabling Flash content as described in the "Securing Your Web Browser" document.

"Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat v9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF that contains SWF (Shockwave Flash) content," the Adobe advisory said.

Typically, the authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll, Adobe said.
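As an added illustration of the US-CERT rename mitigation above (example code written for this page, not a tool from Adobe or US-CERT), the script below audits whether authplay.dll and rt3d.dll are still active in a Reader or Acrobat 9 directory, renames them out of the way, and reverses the change once the patch is installed. The install directory is a parameter so the logic can be exercised on any folder; the ".disabled" suffix and the DEFAULT_DIRS constant are choices made for this example.

```python
import os
from pathlib import Path

FLASH_DLLS = ("authplay.dll", "rt3d.dll")  # the two files US-CERT says to rename
DISABLED_SUFFIX = ".disabled"  # suffix chosen for this example; any non-.dll name works

# Default install directories quoted in the article; %ProgramFiles% resolved at runtime.
_PF = Path(os.environ.get("ProgramFiles", r"C:\Program Files"))
DEFAULT_DIRS = (_PF / "Adobe" / "Reader 9.0" / "Reader",
                _PF / "Adobe" / "Acrobat 9.0" / "Acrobat")

def audit(install_dir):
    # Report each DLL as 'active', 'disabled' or 'absent' (absent = not installed here).
    d = Path(install_dir)
    status = {}
    for name in FLASH_DLLS:
        if (d / name).exists():
            status[name] = "active"
        elif (d / (name + DISABLED_SUFFIX)).exists():
            status[name] = "disabled"
        else:
            status[name] = "absent"
    return status

def mitigate(install_dir):
    # Rename the DLLs out of the way; reversible, and skips files already handled.
    d = Path(install_dir)
    renamed = []
    for name in FLASH_DLLS:
        src, dst = d / name, d / (name + DISABLED_SUFFIX)
        if src.exists() and not dst.exists():
            src.rename(dst)
            renamed.append(name)
    return renamed

def restore(install_dir):
    # Undo mitigate() after the patched Reader/Acrobat is installed.
    d = Path(install_dir)
    restored = []
    for name in FLASH_DLLS:
        src, dst = d / (name + DISABLED_SUFFIX), d / name
        if src.exists() and not dst.exists():
            src.rename(dst)
            restored.append(name)
    return restored

if __name__ == "__main__":
    for d in DEFAULT_DIRS:
        print(d, audit(d))
```

Run it as an administrator on Windows to rename files under %ProgramFiles%; as Adobe notes, Reader will then show a non-exploitable error when opening a PDF with embedded SWF content.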

Windows Vista users can mitigate the impact of the exploit by enabling UAC (User Access Control), according to Adobe. Flash Player users should be careful when browsing unfamiliar Web sites.

Researchers on Wednesday reported that they had uncovered attacks in the wild in which malicious Acrobat PDF files were exploiting a vulnerability in Flash and dropping a Trojan onto computers.

The bug used in the exploit has been around since December 2008.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press.
by ITcomposer July 23, 2009 1:14 PM PDT
The ole saying comes into play here:

"Took ya long enough"

to fix...

but thanks though; the thought of having a vulnerable machine open to hackers is not a pleasant one.
by n3td3v July 23, 2009 1:21 PM PDT
Old bugs die hard...
by Hokulea July 23, 2009 3:11 PM PDT
Adobe lists this vulnerability as only affecting Acrobat, Reader, and Flash. My concern is that it may extend even further than that. When I scan my system with Secunia PSI v1.5.0.0 it flags the following components of the Adobe CS4 suite that I have installed:

Adobe AIR Flash 10.x Plug-in
Adobe AIR Flash 9.x Plug-in
Bridge CS4 Flash 9.x Plug-in
Contribute CS4 Flash 10.x Plug-in
Device Central CS4 Flash 9.x Opera Plug-in
Dreamweaver CS4 Flash 10.x Plug-in
Extension Manager CS4 Flash 9.x Plug-in

I'm awaiting a response from Adobe support regarding the scope of this Flash vulnerability.
by marianmerritt July 24, 2009 11:01 AM PDT
While we are waiting for the patch from Adobe, make sure your virus definitions are up-to-date. And for Vista users, the UAC change Ms. Mills mentions will help. The recommendations from CERT sound good but won't be readily understood by less savvy computer users. Make sure you help your friends get the patch from Adobe when it comes out and let them know of this new threat. A Flash vulnerability is serious - impacting both PC and Mac users and frankly, most of the web-using community.

You can also get more information from the Symantec Security Response team at this site: http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability

Marian Merritt
Symantec/Norton Internet Safety Advocate