According to an iDefense security advisory, there is a bug in Adobe Flash player version 10.0.12.36 and later that allows hacker to gain control of your PC.

download01Adobe updated it’s security bulletin on the same subject and listed additional software ie Flex 3, Air 1.5  & Flash CS3/4 are also affected by the bug.

The latest security bug is the second in less than a week, to hit Adobe. The Acrobat Reader bug announced earlier will only have a patch much later, scheduled to release on 11 March.

Latest update, Secunia’s blog warned that disabling Javascript as recommended will not stop the exploitation of the Reader bug. A home brew patch is available though, this is however an unsupported patch by Adobe, so caveat emptor!

According to Adobe, Flash is used by 99% of Internet users.

“Adobe ® Flash ® Player is the world’s most pervasive software platform, used by over 2 million professionals and reaching 99.0% of Internet-enabled desktops in mature markets as well as a wide range of devices.”

Thus, it will be even more challenging to update all those out dated versions, especially when majority of them are still running Flash version 9. Even, WordPress uses Flash as part of the tool to upload files.

flashversion1

Advertisements