The Tech Herald

Adobe moves to patch zero-day XSS vulnerability

by Steven Mostyn - Sep 22 2011, 17:28

Fixed... in a flash? Image: Adobe.

Seemingly a bit slow on the uptake where keeping its Flash Player protected from outside intrusion is concerned, Adobe has moved to patch a zero-day vulnerability that’s apparently already being exploited by hackers.

“There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivering in an email message,” outlined Adobe in its official advisory.

“This universal cross-site scripting issue could be used to take actions on a user’s behalf on any website provider, if the user visits a malicious website,” it added.

The cross-site scripting fix in question (CVE-2011-2444)—which addresses a glitch similar to one used to strike at Gmail accounts back in June—was rolled out yesterday alongside a total of five others.

According to Adobe, four of the other five fixes close holes that could also allow attackers to execute potentially damaging code on targeted systems.

Adobe’s patch is compatible with Flash Player version 10.3.183.7 and earlier and has been released for Windows, Macintosh, Linux and Solaris. It also functions with Flash Player 10.3.186.6 and earlier on devices running Google Android.

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

Chevrolet shows off the 2015 Colorado with digital experience

Chevrolet has launched a new website to show buyers all the bells and whistles available on ...

Mazda to debut CX-3 and MX-5 at Los Angeles Auto Show

Mazda has announced plans to premiere the new Mazda CX 3, its new compact crossover SUV, at ...

Ford issues safety recall for 204,448 Ford Edge and Lincoln MKX

Ford has issued a safety recall for 204,448 of the 2007-2008 Ford Edge and Lincoln MKX in No...

Mopar Previews SEMA Custom Rides

We have added a set of pictures released by Mopar ahead of the SEMA Show. Mopar are bri...

Audi R8 Competition – The Most Powerful Production Audi Ever

Audi has revealed details of their new super-fast Audi R8 Competititon — the most powerful a...