Topic: Adobe pushes out Flash security fix (version 10.0.45.2)

[Samker]

Adobe has published a cross-platform update for Flash that addresses a potentially serious security flaw.

Flash Player users are advised to upgrade to version 10.0.45.2 to plug a hole in earlier versions of the software that means the domain sandbox security protection could be bypassed to make unauthorized cross-domain requests.

The two-part fix means surfers also need to upgrade to Adobe AIR version 1.5.3.1930, as explained in Adobe's bulletin here: http://www.adobe.com/support/security/bulletins/apsb10-06.html

The cross-platform update applies to Windows, Mac and Linux versions of the software.

In related news, Adobe promised relief from a critical vulnerability in Acrobat and Reader with a patch due to arrive next Tuesday, 16 February: http://www.adobe.com/support/security/bulletins/apsb10-07.html
This fix is related to the Flash problem which is why Adobe is releasing an update outside its recently announced quarterly patch cycle.

Flaws in Adobe software, second only to Microsoft, have been exploited in numerous targeted hacker attack over recent months, prompting some security watchers to advise users to consider the use of alternative PDF readers. Adobe is beginning to get to grips with the problem but its patching process often remains cumbersome and fiddly.

(Register)

[Brian]

Too bad there isn't an alternative to Adobe Flash Player that can play flash videos and files in the web browser. At least for Adobe Reader, we have Foxit Reader.

[Samker]

Too bad there isn't an alternative to Adobe Flash Player that can play flash videos and files in the web browser. At least for Adobe Reader, we have Foxit Reader.

Brian, please check Gnash project: http://www.gnu.org/software/gnash/

Right now it's not a flash replacement, but who knows?