Severe Adobe Flash + Acrobat vulnerability? - /dev/oei

... beats /dev/random for entropy. This is a tumblelog of quotes, links, snippets, and occasionally a few paragraphs of my own. Your feedback is most welcome; please look for "Send a message" on my Google profile

September 16, 2010

4:00 pm

Severe Adobe Flash + Acrobat vulnerability?

Via LWN:

For those of you using the Adobe Flash player (including on Linux or Android), and, possibly, Adobe Reader users as well: the company has announced a “critical” vulnerability which, evidently, is being actively exploited.

We get to wonder how this can possibly be a critical vulnerability on each and every platform it runs on. Also, we’ll probably never find out how it worked. It’s the latter that annoys me.

As for security measures, there’s a choice between not having Flash at all, or hammering out a tight MAC policy. For me, the former is less hassle ;)