Update on Flash Player vulnerability

by Serge Jespers on 29. May, 2008 in Flash, News

The Adobe Product Security Incident Response Team is reporting that the latest version of the Flash Player (version 9.0.124.0) is not affected by the vulnerability that was reported earlier this week. “The exploit appears to be taking advantage of a known vulnerability that was resolved in Flash Player 9.0.124.0.”, the PSIRT says.

Symantec confirms:

The malicious SWF file found in-the-wild has been found to affect Adobe Flash Player 9.0.115.0 and earlier, not the latest version 9.0.124.0. Originally this issue was believed to be unpatched and unknown, but further technical analysis has revealed that it is the previously reported Adobe Flash Player Multimedia File Remote Buffer Overflow Vulnerability (BID 28695), discovered by Mark Dowd of IBM.

To verify your Adobe Flash Player version number, access the About Flash Player page, or right-click on Flash content and select “About Adobe (or Macromedia) Flash Player” from the menu. We encourage you to always download and install the latest version of the Flash Player.

Share this post
SubscribeDiggdel.icio.usFacebookStumbleUponTechnorati

Tags: , , , , , , ,

2 Responses to “Update on Flash Player vulnerability”

  1. Flex Forum Poland 29. May, 2008 at 10:31 am #

    I invite Polish users on forum about Adobe Flex:
    http://www.flexforum.pl

Trackbacks/Pingbacks

  1. mein-parteibuch.com » Ärgernis Adobe Flash bändigen - 29. May, 2008

    [...] wie sie gerade in Debian-SSL drin war natürlich jeden Tag ändern. Da Adobe der Meinung ist, dass die neueste Version des Flashplayers, 9.0.124.0 nicht von dieser Sicherheitslücke [...]

Leave a Reply