Another critical Flash Player exploit in the wild

Adobe Flash PlayerAdobe yesterday announced the discovery of another (as of yet unpatched) critical security flaw in its Flash Player software. The flaw exists in version number 10.2.153.1 and earlier (10.2.154.25 and earlier for Chrome users).

The exploit is being taken advantage of by way of a Flash (.swf) file embedded in a Microsoft Word (.doc) file spread through email. This can typically crash the user’s machine allowing an attacker to compromise the system.

The company assured users of Adobe Reader and Acrobat that at this time they are not aware of any attacks to those applications. Adobe says it’s working on updating its Flash Player software to plug the critical flaw but has not yet given a release date.

We are in the process of finalizing a schedule for delivering updates for Flash Player 10.2.x and earlier versions for Windows, Macintosh, Linux, Solaris and Android, Adobe Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh, Adobe Reader X (10.0.2) for Macintosh, and Adobe Reader 9.4.3 and earlier 9.x versions for Windows and Macintosh.

Related:
Is Windows 7 finally overtaking XP?
Bumper Microsoft patch coming next Tuesday
Windows 7: The Definitive Guide (O’Reilly book)
3.6% of Windows 7 users have adopted IE9
European Commission seeks widespread adoption of Windows 7
Windows 7 price-drop on Amazon
Firefox 4 smashes IE9′s first-day downloads
Millions download latest version of Firefox – Why?