Adobe finds gaping security hole in latest version of Flash Player for PC, Android

By on Apr 12, 2011 at 1:58 PM
Software April 12, 2011

Adobe has identified a zero-day exploit in the latest version of Flash Player 10.2 for Windows, Mac, Linux and Android. Using the the security hole, an attacker can potentially run malicious code and even take control of an affected system. While the vulnerability and potential damage to a system are significant, common sense will help users avoid the issue in most cases. The malicious code that takes advantage of this exploit is typically delivered as a Flash file embedded in a Microsoft Word document attached to an email. Most users in this day and age know to avoid such files. Adobe is currently working on a fix for the security hole, though the company has not stated when the fix might become available.

[Via Android Police]

Read

Tags:
, , , , , , , , , , , , , , ,
61 Comments

Related Articles

  • Anonymous

    Bu bu bu Android has teh flash!!!!!! everythingz should have them flash so thar they can stealz my infoz!!!!! etc.

    SO glad I don’t have to put up with Flash on my iPad 2 :)

    • Mambo

      …funny how you’re willing to put up with the iOS security weaknesses though…

      Ever heard of all those hacked celebrity phones???? Guess what? Oh, yeah.

      Good for Adobe! They’re willing to come up front and say there’s a threat and is going to be fixed. Unlike, of course, another manufacturer who can’t even admit to a major hardware flaw.

      • http://twitter.com/gnomehole The Gnome

        I always love it when someone defends their security hole by bringing up something completely unrelated.

        How long are you people going to keep defending this crap. Seriously. Its one thing to like Android, but anyone that pushes Flash these days is immediately irrelevant to the conversation.

        Unless you based your life around Flash you should all know better by now. What has it been, 2 years or more since this argument came up… and Flash still isn’t working right on mobile devices.

        +1 on not ever worrying about Flash on my iOS device. Maybe there are other issues, but removing Flash from it removes probably 90% plus of them. If you are stuck on that other 10% you fail.

      • Mambo

        Gee…last I checked iCrap got hacked without even any flash… H-A-C-K-E-D
        Funny that’s only a 10% fail for you. When the OS itself is insecure compared to an insecure APP or program.

        “Flash still isn’t working right on mobile devices.”

        Been drinking the Kool-Aid much have you? It works on N900 (even played Farmville on it to test it). It’s been working pretty much okay now on Android 2.3 and is improving. So, there’s a security issue and they acknowledged and are going to fix it. How’s your iPhone condom holding up? Has Apple acknowledged that it was stupid to put the antenna at that location? Funny the crap you’re willing to go through as opposed to a completely reftifiable issue.

        So, if Flash should be put to rest because it sometimes don’t work right on mobile devices, should we put the iPhone to rest because it sometimes can’t make a call?

      • mmmmmhead

        it works great on my DX..

        If Job’s never pulled flash and it worked the exact same way on iOS as it does on my DX would you use it? I would say most definitely. So, you know what that means? It means that you’re a brainwashed TOOL!

    • Dave

      For realz… Steve Blow-Joarbs should remove it from the MAC, and the hundreds of millions of websites that use it too! Then I’d never have to put up with anything that Steve didn’t okay first! Hur Hur…

      • John

        Mac*

      • http://twitter.com/gnomehole The Gnome

        +1 … its Mac

    • http://twitter.com/tentaclebernard Bernard Bernoulli

      Why does the headline of the article say “for PC, Android” when the announcement says “Windows, Mac, Linux and Android”?

      In other words, your mac is just as vulnerable troll. Actually it is more vulnerable than Android because in Android you have to click on a word doc attachment in an email and open it and then also click on the flash object in the document and say you want to enable it (flash is “on demand” in Android).

      • invid

        Actually it’s probably not more vulnerable. Flash runs so poorly on OS X that I’d wager that most Mac users run flashblock as a matter of course. “On demand” if you will.

        I run flash blockers on OS X and Linux, since Adobe can’t code their way out of a paper bag on either platform. In truth, from the number of security flaws with Flash recently, they can’t code their way out of a paper bag on any platform. I don’t miss it on iOS.

      • kip

        it’s adorable when techies assume other people use ad block and flash block.

      • invid

        Haha. Fair point, but in my defence I also mentioned Linux and I doubt there are many non-technical Linux users.

        Point taken though. ;)

    • mmmmmhead

      you sound like u suk on Job’s d1ck everyday.. If he told you that you can only sh1t on Wednesdays, you’d probably listen.

      You have no idea what you’re even saying, TOOL!

      winBSODows is a brainwashed tool !!!!

  • me

    Is this still news?
    It appears there is a huge new exploit every week.

    • John

      welcome to the world of software.

  • Dave

    So what do you gain by calling it a “PC, Android” issue in the headline and then admitting that it affects all platforms in the first sentence of the article?

    • SSH-To-HELL

      PC: Windows, Mac, Linux
      and
      Android.

    • Anonymous

      Nevermind, it’s already been said.

    • WTF

      Those who live under a rock called android are slow to learn.

  • Anonymous

    Google to users: Good luck.

  • Anonymous

    Most users know to avoid it?
    Please, most users click obvious scams on Facebook, have a virus at least once a year, and are likely to have their FB account “hacked”.

  • http://www.droiddoes.com/ Norm

    LOL, at least I have the choice to be exploited with my DROIDS. IOS doesn’t even get that choice…losers!!!

    • John

      how many droids do you have?

      • http://pulse.yahoo.com/_GP2WYAHXS6CRUREISWBGPUSUGE Michael

        Droid is a line of Phones, like Evo is a line of phones… Android is the Operating System….
        and to answer your question… personally, 4 Android powered devices.

      • John

        ya i know. i was asking that as an acrimonious douche

        (calling android a droid is a pet peeve of mine (i’m anal, obviously). i blame vzw for causing this constant confusion for most)

      • http://www.droiddoes.com/ Norm

        I know it’s called android, but as you said it’s easier to say DROID when normal consumers ask what im messing with. Verizon did a great job and you should blame them.

      • RealDeal

        Don’t feed the troll

      • WTF

        Those who live under a rock called android are slow to learn.

    • Anonymous

      that is a choice I am really glad not to have… seriously a guy named Norm bragging about able to choose to be exploited…. That is like going to jail l made my choice to get butt raped and become bubba’s bitch

      • http://twitter.com/Aleis Jayrock

        or..how bout be a man and fight bubba…for your manhood…o forget it.
        YOU would get raped in jail.

    • Anonymous

      Oh man I lol’d hard.

    • http://twitter.com/gnomehole The Gnome

      Wow, you buy DROIDS? Must have to use a couple in order to have the battery last all day.. on that “open” POS.

      Hey kid, leave the serious talk to the adults and go troll with your 15 year old friends…

      Norm = fail.

    • http://twitter.com/zc456 Squeaks

      ….

      Really? Seriously, you set yourself up for that one.

    • mmmmmhead

      smelly troll!

    • Anonymous

      Dipshit!

  • http://twitter.com/Aleis Jayrock

    UM…the mac has it also!

    • Anonymous

      PC: Windows, Linux, Mac OS
      Android: Any phone running android.

  • http://twitter.com/bradleyjp Bradley Petrik

    Hate to break it to you, most users don’t.

  • http://pulse.yahoo.com/_GP2WYAHXS6CRUREISWBGPUSUGE Michael

    Good thing i didn’t update and still rocking 10.1.

    • http://twitter.com/tarund TarunD

      Yeah, good thing, Michael. Now you’re actually open to more vulnerabilities rather then the1 known. You’re just so smart.

      • http://pulse.yahoo.com/_GP2WYAHXS6CRUREISWBGPUSUGE Michael

        It’s a sarcastic comment. man i’m glad i don’t work with you people.

  • Anonymous

    Unfortunately, the security hole isn’t gaping enough to push a decent framerate through. Oh well.

  • Anonymous

    Hmmm Windows get securtity updates every tuesday doesnt it? Or once a month at least?
    And yet, it has 90% of the market…

    Same for Android…

    Sorry Apple lovers…

    • Anonymous

      Correct ZAPATITO! The only ones geeky enough to know how to deal with this are goofans (aka apple haters)…

  • Joel

    HTML5 > Adobe Flash

    HTML5 is less of a battery hog as well.

    • http://twitter.com/zc456 Squeaks

      We get it…

    • mmmmmhead

      On demand flash is good too.. only use it when I need it.

  • B623748

    And why are we still using Flash..

    • Anonymous

      Because apple said they wouldn’t. Goofans (aka Apple Haters) simply, right or wrong, go against, by our nature, whatever apple says.

  • http://twitter.com/mattsinopoli mattsinopoli

    whoopsie. I swear I see this headline like once a month.

  • Anonymous

    Yeah, that GAPING HOLE is the vacuous void on a web page after it loads in SAFARI.

    • Anonymous

      (_)_)//////////D

      • Anonymous

        Very creative, now get some of your iFægs to suck on it: Bringit, Numetheus, Mike Gonzalez, Senor Chang???? You guys should be experts!

      • Anonymous

        Suk ma fat hairy veiny cawk.

  • http://profiles.google.com/johnslangster John Lang

    I just blew a huge smelly fart, and oh jesus it smells so bad its burning my eyes.

    Oh hey everybody, yeah Flash does suck, but being able to see a flash site is nice.
    Not being able to zilch about it on Apple products stinks too.
    Xoom, can run flash but costs as much as iPad
    iPad and iPhone cant run flash, leaving you SOL if you really needed to see a specific web page.

    If you have an Android phone you wouldnt have this problem since it runs flash.
    My office still smells pretty bad, but the fan in hear is clearing out the smell pretty quickly.
    Steve Jobs told you he doesnt want you running flash, but you must pay him 600$ for an iPad
    so you can view 70% of the internetz. Motorola says buy Xoom so you can be a MAN !!!!!
    Just keep that charger handy.

  • http://twitter.com/zc456 Squeaks

    Again… As much I don’t mind using Flash in situations that need it, still prefer to live without it.

  • dwinsmith

    What’s new…

  • Anonymous

    Flash is such a liability for webOS (and all other operating systems for that matter). I don’t want it on my Pre 3 at all. I’m glad that HP/Palm made it really easy to disable, but I would love for them to give users the option to just remove it entirely.

    Adobe sucks.

  • Anonymous

    Can we sandbox this thing into oblivion already?

    • http://twitter.com/zc456 Squeaks

      I wish…

  • http://www.hdflvplayer.net/ Flv Player

    Its good that Adobe did this update in the latest version now!

blog comments powered by Disqus