Adobe identifies another critical Flash Player bug
Users of Flash and AIR have been urged to update their software, while Acrobat and Reader users will get a new update next week.

Fresh from its admission that it left a Flash bug untreated for 16 months, Adobe has revealed another critical Flash issue, as well as separate holes in its Reader and Acrobat software.
The software giant says the new Flash vulnerability could subvert the domain sandbox and make unauthorised cross-domain requests. Anyone running Flash Player version 10.0.42.34 and earlier are potentially affected, with Adobe recommending they upgrade to version 10.0.45.2.
Also affected are Adobe AIR versions 1.5.3.1920 and earlier, with Adobe similarly recommending that users update to Adobe AIR 1.5.3.1930.
Information on which version of Flash is running can be found on the About Flash Player page, or by right-clicking on any content running in the player and selecting "About Adobe [or Macromedia] Flash Player". The check should be performed for each browser installed on the system.
AIR users can see which version number they have installed by following the instructions on the Adobe AIR TechNote.
Adobe has also announced it will be issuing an update next week for its Reader and Acrobat software to resolve critical security issue, including the Flash-related vulnerability detailed above.
The affected versions are Adobe Reader 9.3 for Windows, Mac and UNIX; Adobe Acrobat 9.3 for Windows and Mac; and Adobe Reader 8.2 and Acrobat 8.2 for Windows and Mac.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
For the latest details, users are advised to monitor the Adobe Product Security Incident Response Team blog.
-
M&S suspends online sales as 'cyber incident' continues
News Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
By Ross Kelly
-
Manners cost nothing, unless you’re using ChatGPT
Opinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
By Ross Kelly
-
Warning issued over “incomplete” fix for Adobe ColdFusion vulnerability
News An incomplete fix for a vulnerability disclosure could be placing users at risk, researchers warned
By Ross Kelly
-
Adobe forced to patch its own failed security update
News Company issues new fix for e-commerce vulnerability after researchers bypass the original update
By Danny Bradbury
-
Ask more from your CMS
Whitepaper How to get the most value in the shortest timespan
By ITPro
-
Adobe battles fake photos with editing tags
News Photoshop will include new tagging tools later this year to help fight against misinformation and deep fakes
By Nicole Kobie
-
Adobe Photoshop Elements 2019 review: Trapped in the photo-editing middle ground
Reviews A once peerless beginner’s photo-editing package that’s past its prime
By Barry Collins
-
How Adobe saved BT £630,000
Sponsored Adobe’s digital signature platform is saving time and money - and forging stronger connections between businesses and customers
By ITPro
-
Don't settle when it comes to creativity
Sponsored Getting the best out of your creative design team means equipping them with the best software
By ITPro
-
The benefits of a subscription service
Sponsored Why software vendors are increasingly moving to a subscription model
By ITPro