“The zero-day vulnerability is reminiscent of one Adobe disclosed and patched in July 2009, and comes just days after the company’s head of security admitted hackers have its software in their crosshairs,” Keizer reports.
“Adobe said that the bug affects Flash Player 10.0.45.2, the most up-to-date version of the popular media player, as well as older editions on Windows, Macintosh, Linux and Solaris,” Keizer reports. “Also vulnerable: PDF viewer Adobe Reader 9.x and PDF creation software Adobe Acrobat 9.x on Windows, Macintosh and Unix.”
“Hackers are already exploiting the flaw. ‘There are reports that this vulnerability is being actively exploited in the wild against Flash Player, Reader and Acrobat,’ the company said in a security advisory issued around 3:30 p.m. PT Friday,” Keizer reports.
“Danish bug tracker Secunia rated the threat as ‘extremely critical,’ the highest ranking in its five-step scoring system. The U.S. Computer Emergency Readiness Team (US-CERT), an arm of the federal Department of Homeland Security, also posted a warning of the vulnerability,” Keizer reports. “Attackers exploiting the flaw may be able to hijack the targeted computer, Adobe acknowledged.”
Full article here.
MacDailyNews Take: So, not only are the ingrates at Adobe lazy, they’re also inept.
[Thanks to MacDailyNews Reader “Mike D” for the heads up.]