Adobe has announced that it is planning to address a security vulnerability in Flash Player 10.1.92.10 for Android, as well as the versions for Mac, Windows, and Unix; and Acrobat reader for Mac, Windows, and Unix. They've marked this vulnerability as critical, which means it has the potential to crash and allow code to run on the users machine. There are reports of attacks against Windows machines in the wild, but no reports of any other operating systems being affected as of yet. Expect the fix the week of the Sept. 27, according to Adobe.
Do note that Adobe isn't saying that there are existing attacks against Android, only that the potential is there and they will be releasing a fix. Also, while nobody has come forward and explicitly said so, this likely has potential to exploit and root an Android phone much like was used on the Evo 4G a while back. Be on the lookout for an update to your Flash Player, and we'll be sure to remind you when we see it rolling out. [Adobe]
- Filed under: