- SandBox Information Center
- Malware Analysis Search
- Articoli sulla sicurezza
- Blog sulla sicurezza [EN]
- Livello di pericolosità [EN]
- Minacce attuali di virus
- Tipi di malware [EN]
- Descrizione dei virus [EN]
- Statistiche sulla posta elettronica [EN]
- Testi, white paper generici ed altro
- La tecnologia Norman
Critical vulnerability in Adobe Flash (and Reader and Acrobat) - UPDATED
First published: 2011-03-15
Updated: 2011-03-22
A critical vulnerabilitiy has been identified in Adobe Flash. The vulnerability is in the Authplay.dll component, which is included in Adobe Acrobat and Reader - these applications are therefore also vulnerable.
Critical is Adobe's highest vulnerability rating and could when exploited allow malicious native-code to execute, potentially without a user being aware.
According to Adobe, there are reports that the vulnerability is being exploited via a Flash file embedded in a Microsoft Excel document.
More information is available in Adobe's security advisory 11-01.
Currently there are no available fix from Adobe. An update is expected in week 12 (21 - 27 March).
More information will be published in this Norman Security Advisory when available.
Update 2011-03-22
Adobe has published security updates for the abovementioned vulnerabilities in Adobe Flash, Adobe Reader and Adobe Acrobat.
More information and links to download pages are available in these security bulletins from Adobe:
- Adobe Flash - Security Bulletin 11-05
- Adobe Actobat and Reader - Security Bulletin 11-06
Norman recommends that users update affected Adobe products as soon as possible.
