Adobe released a security bulletin today warning of a critical, zero-day vulnerability in their Reader and Flash Player software. The bulletin notes that an unpactched system could “crash [your system] and potentially allow an attacker to take control of the affected system.” The vulnerability is affecting:
- Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 10.1.95.2 and earlier for Android
- Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX
- Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh
- Adobe Reader and Acrobat 8.x are confirmed not vulnerable. Adobe Reader for Android is not affected by this issue.
Adobe is promising an update to fix the issue by November 9. Hit the read link to read more and for mitigation instructions for your specific platform.