Flash Player version 10.1 has just recently been rolled out and there is one very good reason why you should get it immediately – security. As you may remember, Adobe recently announced that Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris are plagued by a critical security vulnerability which, if exploited by a person with malicious intent, could give the attacker control of the targeted machine.
At the time Adobe said that Flash Player 10.1 RC was not vulnerable. The problem was that at the time Adobe Flash Player 10.1 was still an RC (Release Candidate) – now it has been released as a final, stable application. At least from a security point of view, you are well advised to get this latest version.
SPONSORED LINKS
Please note that the vulnerability that plagues Flash Player 10.0 and previous versions is being actively exploited in the wild. You should also note that Adobe Reader Adobe Reader and Acrobat 9.3.2 for Windows, Macintosh and UNIX are also affected by this critical vulnerability. Adobe said a patch will be issued by June 29.
It should definitely be noted that in total Flash Player 10.1 fixes more than 30 security issues. Here they are:
CVE-2010-1297 – A memory corruption vulnerability that could lead to code execution (this issue is being actively exploited in the wild). This is the vulnerability that made the headlines earlier this week.
CVE-2009-3793 - a memory exhaustion vulnerability that could lead to code execution
CVE-2010-2160 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2161 - an indexing vulnerability that could lead to code execution
CVE-2010-2162 - a heap corruption vulnerability that could lead to code execution
CVE-2010-2163 - multiple vulnerabilities that could lead to code execution
CVE-2010-2164 - a use after free vulnerability that could lead to code execution
CVE-2010-2165 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2166 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2167 - multiple heap overflow vulnerabilities that could lead to code execution .
CVE-2010-2169 - a pointer memory corruption that could lead to code execution
CVE-2010-2170 - an integer overflow vulnerability that could lead to code execution
CVE-2010-2171 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2172 - a denial of service issue on some UNIX platforms (Flash Player 9 only)
CVE-2010-2173 - an invalid pointer vulnerability that could lead to code execution
CVE-2010-2174 - an invalid pointer vulnerability that could lead to code execution
CVE-2010-2175 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2176 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2177 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2178 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2179 - a URL parsing vulnerability that could lead to cross-site scripting (Firefox and Chrome browsers only)
CVE-2010-2180 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2181 - an integer overflow vulnerability that could lead to code execution
CVE-2010-2182 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2183 - a integer overflow vulnerability that could lead to code execution
CVE-2010-2184 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2185 - a buffer overflow vulnerability that could lead to code execution
CVE-2010-2186 - a denial of service vulnerability that can cause the application to crash. Arbitrary code execution has not been demonstrated, but may be possible
CVE-2010-2187 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2188 - a memory corruption vulnerability that could lead to code execution
CVE-2010-2189 - a memory corruption vulnerability that could lead to code execution
Note: This issue occurs only on VMWare systems with VMWare Tools enabled
CVE-2008-4546 - A denial of service issue
Adobe Flash Player 10.1 is available for download here.
Flash Player version 10.1 has just recently been rolled out and there is one very good reason why you should get it immediately – security. As you may remember, Adobe recently 