Zero-day flaw discovered in Flash, Acrobat and Reader

Adobe has warned that a critical vulnerability (CVE-2010-2883) in the most current version of its Flash Player is being actively exploited on Windows computers. The company said that the flaw, discovered by security firm Trend Micro, could allow attackers to ‘take control of the affected system.’

Reader and Acrobat are also affected by the vulnerability, but Adobe has said that it does not know of any current attempts to exploit the flaw in either program. The full press release is available from Adobe’s web site.

Adobe plans to deliver a fix for this most recent security breach by accelerating its quarterly security update to the week of October 4. The company is also planning to add a security ‘sandbox’ to the next major Windows release of Reader.

Until the fix is made available, Microsoft has announced that its recently released toolkit Enhanced Mitigation Evaluation Toolkit (EMET) 2.0 can be used to block these attacks. More information on how to use EMET can be obtained directly from Microsoft.

You May Also Like

About the Author: Anne Shea

Leave a Reply