Adobe has issued a 'critical' update for the latest versions of Flash 10 and Flash 9
Adobe has posted a security fix for its Flash multimedia browser plug-in. The update is rated as 'critical', and all users are advised to update to the latest versions of Flash 10 and Flash 9.
The update addresses five different CVE vulnerability reports. The effects of a possible exploit range from privilege exploitation to 'clickjacking' and remote code execution.
In addition to Flash Player versions 10.0.12.36 and earlier, the update is being recommended for users running Adobe's AIR 1.5, Flash CS4 and CS3 Professional and Flex 3 products. Linux users will want to update their copies of Flash Player to version 10.0.22.87.
The update is not related to a security alert issued last week, which addressed a flaw in the Adobe Reader component that could allow for remote code execution.
The company has not yet issued a patch for that vulnerability, although a third-party developer has come up with a home-made fix for the flaw.
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093