A fix is expected later Monday for a critical vulnerability in Adobe Flash Player 10.x and earlier versions used on various operating systems, as well as Reader and Acrobat X, the company said. The flaw could cause a crash and enable an attacker to gain control of an affected system. Limited exploits in the wild against Flash Player – embedded in an Excel file and attached to email – have been reported. Adobe stated that it is not aware of attacks targeting Adobe Reader and Acrobat.
Organizations using Progress Software's enterprise-grade WS_FTP Server secure file transfer software have been urged to immediately remediate a maximum severity vulnerability, which has been fixed along with other bugs as part of a security update, reports BleepingComputer.