3 days ago Adobe announced an exploit affecting their Flash Player software, and potentially Adobe Reader/Acrobat. Flash versions affected are 10.2.153.1 and earlier (10.2.154.25 and earlier for Chrome users).
The exploit is being taken advantage of by way of a Flash (.swf) file embedded in a Microsoft Word (.doc) file spread through email. This can typically crash the user’s machine allowing an attacker to compromise the system.
Adobe recently promised a fix for the Flash Player software exploit, which they will have ready on Friday the 15th of April 2011. An update for Adobe Reader and Acrobat is promised “no later than the week of April 25, 2011″.
We are in the process of finalizing a fix for the issue and expect to make available an update for Flash Player 10.2.x for Windows, Macintosh, Linux and Solaris on Friday, April 15, 2011.
Related:
Another critical Flash Player exploit in the wild
Kindle with “Special Offers” aka ads, to launch on May 3
Is Windows 7 finally overtaking XP?