Adobe expects Flash flaw fix today
Adobe has said it expects to fix a critical vulnerability in Flash today, a week ahead of schedule.
Adobe expects to fix a critical Flash Player vulnerability today, a week before it had planned to issue a patch.
Alarm bells were ringing last week when reports emerged the flaw was being actively exploited in the wild against Adobe Flash on Windows.
An update for Flash on the Windows, Macintosh, Linux, Solaris and Android operating systems is now due to be issued today.
Google Chrome users can already protect themselves by updating to version 6.0.472.62 of the browser.
The same vulnerability exists in Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, as well as Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh.
Adobe said it expects to fix the problem in those software models during the week starting 4 October, although it has not been made aware of any attacks exploiting the vulnerability in Reader or Acrobat.
Chester Wisniewski, senior security advisor at Sophos Canada, said Adobe had most likely moved the update forward because the vulnerability had been exploited in the wild.
"Stay tuned for information on the upcoming Adobe fixes. They will be very high priority and I recommend planning your deployment of these fixes as soon as possible," Wisniewski added in a blog post.
-
OpenAI expands 'Daybreak' cyber program: New tools, partnerships, and a cyber-focused GPT-5.5 aim to help 'patch the world'News The company has added new tools, signed up partners, and released its GPT-5.5-Cyber model more widely
-
AI is shrinking attack windows, and it’s forcing a complete rethink of cyber resilience – here’s how organizations can prepareNews Commvault has urged companies to improve their business continuity and resilience plans in the face of flaws spotted by AI
-
Anthropic targets vulnerability detection gains with Claude Security public beta — here's what users can expectNews The Claude Mythos developer is aiming for a more limited approach to cyber tooling for public consumption
-
Researchers warn millions of RDP and VNC servers are wide open to exploitationNews Researchers at Forescout spotted millions of RDP and VNC servers exposed online
-
North Korean hackers are duping freelance developers with fake interviews to steal cryptocurrency and deliver malware — Sophos warns the 'Nickel Alley' group is using LinkedIn, Upwork, and Fiverr to target victimsNews A fake interview process uses coding tests and repo downloads to deliver malware
-
Brace yourselves for a vulnerability explosion, Forescout warnsNews AI advances are helping identify software flaws at record pace and scale, but that's not the good news some would think
-
Ubuntu vulnerability exposes enterprises to root escalation, complete system compromiseNews The high-severity Ubuntu vulnerability allows an unprivileged local attacker to escalate privileges through the interaction of two standard system components
-
Security agencies issue warning over critical Cisco Catalyst SD-WAN vulnerabilityNews Threat actors have been exploiting the vulnerability to achieve root access since 2023
