Impact of Microsoft ATL vulnerability on Adobe products

Adobe evaluated the impact of the vulnerable versions of the Microsoft Active Template Library (ATL) on their product portfolio. They determined that Flash Player 9.0.159.0 and 10.0.22.87, and earlier 9.x and 10.x versions installed on Windows for use with Internet Explorer leverage a vulnerable version of the ATL.

Note that this vulnerability is exclusive to Internet Explorer on Windows. Installations of Flash Player for Firefox or other web browsers on Windows are not vulnerable.

Adobe are in the process of developing a fix for the issue, and expect to provide an update for Flash Player 9 and 10 for Windows by July 30, 2009. Users should consider installing the latest cumulative security update for Internet Explorer.

As the Shockwave Player goes, this vulnerability has been patched in the latest version.