xbiz world
xbiz premiere

Adobe Reports Critical Flash Vulnerability

LOS ANGELES — Adobe has issued a warning about a critical vulnerability in the current versions of some of its most popular software products; the latest in a series of similar warnings to affect the software giant.

According to the company, the affected programs are Flash Player (v9.0.159.0 and v10.0.22.87) for Windows, Macintosh and Linux operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX operating systems.

"This vulnerability (CVE-2009-1862) could cause a crash and potentially allow an attacker to take control of the affected system," stated a company release. "There are reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows."

Adobe is in the process of developing a fix and expects to provide an update for Flash Player before July 30 and an update for Adobe Reader and Acrobat by July 31.

"Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat v9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF that contains SWF content," Adobe advises.

According to the company, the authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll or C:\Program Files\Adobe\Acrobat 9.0]\Acrobat\authplay.dll.

"Windows Vista users should consider enabling UAC (User Access Control) to mitigate the impact of a potential exploit. Flash Player users should exercise caution in browsing untrusted websites," Adobe further cautioned, adding that "Adobe is in contact with Antivirus and Security vendors regarding the issue and recommend users keep their anti-virus definitions up to date."

John Bambenek of US-CERT's SANS Internet Storm Center says that the vulnerability is currently being exploited by malicious sites as well as via link injection into legitimate websites as part of a drive-by attack.

US-CERT is advising Windows users to disable Flash in Adobe Reader 9 and to disable the Flash Player — a move which would render most tube sites unusable to their visitors and brings with it broader implications for the online adult community and consumer's access to our wares.

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

Australian Conservatives Raise Concerns About US-Born Online Censor

Long after progressive free speech advocates in Australia questioned E-Safety Commissioner Julie Inman Grant over her campaigns to target adult content, conservatives and libertarians are now raising concerns about the powers granted to the country’s top censor — an unelected former tech exec born in the U.S. — with some calling for her ouster.

Cupcake Girls, Aylo Partner on Educational Video Series for Performers

The Cupcake Girls and Aylo have teamed up to produce a series of educational videos focused on safety standards for adult performers.

My.Club Appoints Nicole Aniston Newest Brand Ambassador

My.Club has named Nicole Aniston its newest brand ambassador.

Elevated X Implements Age Verification Solution, Integration API

Elevated X is now offering age verification services (AVS) through an API.

MojoHost Unveils 'Star Wars Day' Promo

MojoHost will celebrate “Star Wars Day” on Saturday by offering a special discount on new purchases of dedicated servers, VPS and CDN prepay plans throughout the month of May.

2024 XBIZ Miami Show Schedule Announced

XBIZ is pleased to announce the release of the full show schedule for XBIZ Miami, the adult industry's biggest summer conference, set to take place May 13-16.

Video: FSC's Alison Boden Testifies Before California Assembly Committee Regarding Age Verification

Free Speech Coalition Executive Director Alison Boden testified before the California Assembly Judiciary Committee on Tuesday, in opposition to the state’s version of the age verification bills being sponsored around the country by anti-porn religious conservative activists.

Princess Mindy Is LoyalFans' 'Featured Creator' for May

LoyalFans has named Princess Mindy as its Featured Creator for May.

Republicans Behind Oklahoma's New Age Verification Law Gleeful About Potential Pornhub 'Exit'

Republican Gov. Kevin Stitt has signed into law Oklahoma’s version of the age verification legislation being sponsored around the country by anti-porn religious conservative activists.

Woodhull Freedom Foundation Debuts 'Fact Checked by Woodhull' Program

The Woodhull Freedom Foundation has launched its new "Fact Checked by Woodhull" program, which uses peer-reviewed research, compiled and analyzed by professional researchers, to debunk myths weaponized to justify the repression of sex, sexuality and gender expression.

Show More