Adobe Issues Security Warning for Android Flash Player
Critical vulnerability, now for Android
Adobe recently announced a critical vulnerability in multiple versions of its Flash Player, including version 10.1.92.10 for Android. The vulnerability causes crashes and can allow an attacker to take control of the affected system.
The vulnerability (CVE-2010-2884) is also present in Adobe Reader 9.3.4 for Windows, Mac, and UNIX and in Flash Player 10.1.82.76 for Windows, Mac, Linux, and Solaris.
From Adobe's announcement:
We are in the process of finalizing a fix for the issue and expect to provide an update for Adobe Flash Player for Windows, Macintosh, Linux, Solaris, and Android operating systems during the week of September 27, 2010. We expect to provide updates for Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 for Windows and Macintosh during the week of October 4, 2010.
In the meantime, tread lightly.