Adobe plans to fix critical bug in Flash.

June 9, 2010

This Thursday (9th June 2010) Adobe plan A critical vulnerability exists in Adobe Flash Player (Verizon 10.0.45.2 and earlier) for Windows, Macintosh, Linux and Solaris operating systems. This bug also effects a component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems.

The vulnerability potentially causes a crash that allows an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the real world against both Adobe Flash Player, and Adobe Reader and Acrobat.

Update: Abode have released the fix for Flash.

Which version do I have?

You can check which version of flash you have by visiting http://www.adobe.com/software/flash/about/.

If you have anything less 10.0.45.2 then you need to upgrade.

How to update Flash

If you are running Internet Explorer in Windows then you can visit file hippo to download the latest version. [/] Once downloaded, launch the update to upgrade to the lasted version.

If you are running any other browser then simply visit the adobe flash update site and follow the on screen instructions.

Why is this important?

Flash is wide spread and very popular and, according to Abode, Flash Player is installed on 99% of Internet-enabled desktops worldwide and on a wide range of popular devices.

Flash Player is used to provide a container for many things, including games, but was originally developed to produce high quality adverts which still represents the highest use of the product.

The criminal gangs write malicious code and embed it into harmless looking adverts which then infect your machine without your knowledge.

How do I protect myself?

There are two lines of defense required:

  • up-to-date anti virus
  • Use a browser that support add-ins and then install the very useful  Flashblock

FlashBlock prevents any embedded Flash application from running until you approve it.