Vulnerability Discovered In Adobe Flash Player And Adove AIR

Adobe Flash Player And Adobe AIR Code Execution Vulnerability Discovered. Successful exploitation allows execution of arbitrary code.

Get The Latest Version From The Vendor: http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe

A vulnerability has been discovered in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the authplay.dll component when parsing Flash content and can be exploited to corrupt memory.

The vulnerability is reported in the following products:

• Adobe Flash Player 10.1.82.76 (confirmed) and prior.
• Adobe Flash Player 9.x
• Adobe AIR 2.0.3 and prior.

NOTE: The vulnerability is currently being actively exploited.

Solution

Update Adobe Flash Player to version 9.0.283 or 10.1.85.3 and Adobe AIR to version 2.0.4.

Reference From Adobe:

http://www.adobe.com/support/security/advisories/apsa10-03.html

http://www.adobe.com/support/security/bulletins/apsb10-22.html