Adobe releases Flash Player 10.1, fixes 32 bugs

Share this article:
Adobe on Thursday officially released Adobe Flash Player 10.1 to fix 32 vulnerabilities, some of which could cause an application to crash or allow an attacker to take control of an affected system.

Flash 10.1 has been available in beta for a number of months but was officially released this week for Windows, Macintosh, Linux operating systems. Among the vulnerabilities fixed includes a "critical" memory corruption weakness disclosed last week that is being actively exploited in the wild.

The flaw, which could cause a crash or lead to code execution, is present in Flash 10.0.45.2 and earlier versions. It also affects the authplay.dll component of Adobe Reader and Acrobat 9. That software is scheduled to be patched for the flaw on June 29.

“It might look like Adobe made heroic efforts to fix this bug in short order, but it's much more likely they have been working on the fix for a while and just finished the packaging and QA [quality assurance] process,” Andrew Storms, director of security at vulnerability management firm nCircle said in a statement.

The update also includes fixes for a number of other bugs, which could allow an attacker to execute arbitrary code or cause a denial-of-service condition affecting Flash 10.0.45.2 and earlier versions and Adobe AIR 1.5.3.9130 and earlier versions. Users of AIR should update to version 2.0.2.12610.

Additionally, a prerelease version of Flash 10.1 for Solaris is available to address the vulnerabilities, Adobe said. Users who cannot update to Flash 10.1 can deploy a patched version of Flash 9, which was also released Thursday.

In an advisory posted Thursday, US-CERT encouraged users and administrators to review Adobe's security bulletin and update. Adobe classified the update as critical and also recommended users move to the newest versions. 

Share this article:

Sign up to our newsletters

More in News

Hackers target video game companies to lift copy protections and develop cheats

A threat group is targeting video game companies in order to lift DRM protections, develop cheats and possibly to steal source code.

Android malware spreads via mail tracking SMS spam

The mobile malware is currently targeting German users, McAfee revealed.

About 2,800 victims of worldwide info-stealing campaign targeting various sectors

About 2,800 victims of worldwide info-stealing campaign targeting ...

Unknown attackers have claimed about 2,800 victims in an ongoing information-stealing campaign identified by Kaspersky Lab as "Crouching Yeti."