Adobe Patches Flash Vulnerability

Execution of remote arbitrary code possible on Flash Player v.8.0.22 and earlier

JavaScriptSearch
Tuesday, March 21, 2006; 02:12 AM

An update for the Flash Player, addressing a serious security issue, is now available on the Macromedia website.  Adobe recommends all Flash Player 8 and earlier users upgrade to the new version 8.0.24.0.  According to the company's severity ratings for vulnerabilities, the update is considered critical - the highest on their four-level scale.

The available updates fix flaws in previous versions of tha software that can allow execution of malicios code. These vulnerabilities could be exploited through content loaded via the user’s web browser, email client, or other applications. Updated versions of Flash Player 7 for Linux and Solaris, which contain fixes for these vulnerabilities, are available.  Breeze Meeting add-in version 5.0 or earlier is also affected.

Adobe credited Microsoft with reporting the flaws.  Both companies have published advisories on dealing with the vulnerabilities.