San Jose (CA) - Adobe continued its patch party this week and released a patch for critical vulnerabilities in its Flash Player 9 that could allow attackers to bypass the player's built-in security features.
Adobe is warning about potential vulnerabilities in its Flash Player 220.127.116.11 and earlier. According to the company, there are several security issues ranging from cross-site scripting problems and information disclosure vulnerabilities to flaws that could open doors for attackers to inject malicious code in sites and launch DNS rebinding attacks.
The company labeled those vulnerabilities as critical and urged users who still use the Flash Player 18.104.22.168 and earlier versions to upgrade to the recently released Flash 10 or by using the auto-update mechanism within the Flash player when prompted.
Users who are already running Flash Player 10 are not exposed to this vulnerability. Users who cannot update to Flash Player 10, can fix their Flash Player 9 installation by downloading a patch.
Adobe released Acrobat and Acrobat Reader patches earlier this week. The updates fixed vulnerabilities that enabled attackers to use a specifically crafted PDF file in order to gain access to a computer system with the rights of the user running the software.