Critical vulnerability in Adobe Acrobat, Adobe Reader and Adobe Flash Player
A critical vulnerability have been identified in Adbobe Flash Player versions versions 9.0.159.0 and 10.0.22.87. This vulnerability also affects Adobe Reader and Adobe Acrobat version 9.1.2, as well as earlier version 9 variants. The vulnerability could cause the application to crash and potentially also allow an attacker to take control of the affected system.
Patches for this vulnerability are currently not available. However, Abobe has announced that updates can be expected by the end of July. More information are available in Adobe's security bulletin, where workarounds are also described.
Norman will update this advisory when new information is available.
Update 2009.07.31
Updates are available for Abobe Flash Player. Updates for Adobe Acrobat and Reader are expected shortly.
More information is available in Adobe's security bulletin from 30 July 2009.
Update 2009.08.04
Updates are available for Adobe Acrobat and Reader.
More information is available in Adobe's security bulletin updated 3 August 2009.
