Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Adobe has rushed a patch to cover a potential vulnerability in its Flash Player.
It claimed that a specially crafted SWF file could result in a buffer overflow that could allow an attacker to execute arbitrary code on the unpatched system. This could lead to a denial of service attack, mitigate clickjacking issues and cause a potential privilege escalation issue.
The affected versions are Flash Player 10.0.12.36 and earlier versions. Adobe rated it as ‘critical' and recommended users update their players to the newest version or apply the patch.
Sam Masiello, vice president of information security at MX Logic, said: "It was not clear from the advisory as to whether or not there is code in the wild currently exploiting any of these vulnerabilities, although I could not find any other announcements that would lead me to believe that exploit code exists.
"I believe that this begs the question as to why a Flash Player update is being released in advance of any malicious code when verified exploit code is already in the wild for Acrobat and Acrobat Reader? I am all for releasing patches proactively, but I would like to see an explanation from Adobe as well as to why we still have to wait two weeks for the Acrobat [Reader] updates. I don't quite understand the prioritisation here."
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.