Adobe promises Flash fix next week
Adobe will issue a fix for a critical vulnerability in its Flash and Reader software next week.
The flaw affects the “authplay.dll” which is tasked with handling Flash content embedded within PDF files. That means the flaw affects all versions of Flash player, Reader and Acrobat on all platforms, including Linux.
Speaking ona security advisory, the company has warned that the flaw “could potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows.”
The company has promised to patch all versions of Flash by 30 July, with Reader and Acrobat fixes coming the following day. In the meantime, the company is advising that users delete or rename authplay.dll in order to avoid becoming targets of the attacks. Adobe has posted a detailed workaround on its site.
Unfortunately, there’s still no workaround for Flash with Adobe claiming only that “users should exercise caution in browsing untrusted websites.”