It didn’t take long for someone to start exploiting zero-day vulnerabilities in Adobe’s software. In fact, having the the honour of designing the most hacked software on the planet, means that Adobe’s products are always going to be on the front-line of attacks. Since late Friday attackers have been exploiting a critical vulnerability in the company’s most widely-used software: Flash Player and Adobe Reader.
?Adobe said that the bug affects Flash Player 10.0.45.2, the most up-to-date version of the popular media player, as well as older editions on Windows, Macintosh, Linux and Solaris. Also vulnerable: PDF viewer Adobe Reader 9.x and PDF creation software Adobe Acrobat 9.x on Windows, Macintosh and Unix.
The threat has been rate as ‘extremely critical’ by security firm Secunia and US-CERT have also posted a warning of the vulnerability. Ironically, the newest warning came just days after Brad Arkin, Adobe’s director of security and privacy, said the company is in the security spotlight , but had taken several countering steps, including emphasizing development practices that have resulted in more secure code.
Meanwhile Adobe has recommended users switch to the unfinished 10.1 RC which is available here.
UPDATE: Adobe has indicated that a fix for this issue will be made available tomorrow, Thursday 10 June.