Adobe patches critical Flash flaw
Adobe released a security bulletin revealing the 32 vulnerabilities that it has patched with the release of Flash 10.1(.53.64). Among those is the critical 0-day flaw that has recently been spotted being exploited in the wild.
An update that will patch a similar 0-day flaw in Reader and Acrobat is scheduled for the end of the month.
The release of this version of Flash was also scheduled for the end of June, but it seems that the discovery of such a critical vulnerability forced Adobe to push it out earlier. A new version of Adobe AIR was also released, and users are advised to update it.
The 32 vulnerabilities affected Flash Player version 10.0.45.2 and earlier, and could cause the application to crash and could potentially allow an attacker to take control of the affected system. The update resolved memory exhaustion and corruption vulnerabilities, indexing and heap corruption flaws, denial of service issues, pointer memory corruption vulnerabilities, and many other – mostly leading to code execution.