CERT mailing list archives
Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat
From: Current Activity <us-cert () us-cert gov>
Date: Tue, 12 Apr 2011 14:14:00 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Original release date: April 12, 2011 at 10:39 am Last revised: April 12, 2011 at 2:00 pm Adobe has released security advisory APSA11-02 to alert users of a vulnerability affecting the following Adobe products: * Flash Player 10.2.153.1 and earlier versions for Windows, Macintosh, Linux, and Solaris * Flash Player 10.2.154.25 and earlier versions for Chrome * Flash Player 10.2.156.12 and earlier versions for Android * the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. The Adobe advisory indicates that this vulnerability is currently being exploited in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment. However, the method of attack can change at any time. At this time, Adobe has not released a fix to mitigate this vulnerability. US-CERT encourages users and administrators to do the following to help mitigate the risks until a fix becomes available: * Review Adobe security advisory APSA11-02. * Exercise caution when opening unsolicited email attachments. * Refer to the Using Caution with Email Attachments Cyber Security Tip for more information on safely handling email attachments. Additional information can be found in US-CERT Vulnerability Note VU#230057. US-CERT will provide additional details as they becomes available. Relevant Url(s): <http://www.kb.cert.org/vuls/id/230057> <http://www.us-cert.gov/cas/tips/ST04-010.html> <http://blogs.adobe.com/psirt/2011/04/security-advisory-for-adobe-flash-player-adobe-reader-and-acrobat-apsa11-02.html> ==== This entry is available at http://www.us-cert.gov/current/index.html#adobe_releases_security_advisory_for7 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTaSWWj6pPKYJORa3AQJzwwf/ZgP06i4tJgYpJ7ZXEk2+4bsaHINglTCN h1/iIntX4vVZZ3ZVQoKLu+WS52I0kHmUSxL5rKYDJr+A2/0gGGU/Cl4ICrInkVLd Gjd08Oy+XO0H8zy75vEcIexw603TmatcfFq76wH+WVmf3/CMMqksQmeJWxdyk97q ZsnDWXjQqLBKHkbukTmkMd0Vle1gXGm3Ec8V8SeZ4gSLT0TqJeYrdYk3+JlAdhUs 1kcsIu6I2y2woifsVDKrrfeFwB/sPPkrPZRFFG9Pk1kiE4GMMqjAPdJAgCsTFG99 5kjQS2rkF996I0dDyfMJA272NQEQZDWPx7r+uDJezYGXIIW7vOzkSw== =ypwN -----END PGP SIGNATURE-----
Current thread:
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Mar 15)
- <Possible follow-ups>
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Apr 12)
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Apr 12)
- Current Activity - Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Current Activity (Apr 15)