Network News

X My Profile
View More Activity

Adobe Issues Critical Macromedia Flash Update

Adobe has released updated versions of its ubiquitous Macromedia Flash and Shockwave online media players, which the company said fix several critical security vulnerabilities in previous versions.

Adobe said that if a user loaded a specially crafted Shockwave file from a malicious Web site, that site could hijack that person's browser and potentially seize complete control over the visitor's computer.

Microsoft Windows users are more or less guaranteed to have Flash on their systems whether they recall installing it or not. The program was redistributed with Windows XP Service Packs 1 and 2, Windows 98, Windows 98 SE, and Windows Millennium Edition, according to a separate advisory Microsoft issued Tuesday. Adobe says updated versions of Flash Player 7 for Linux and Solaris, which contain fixes for these vulnerabilities, are also available from the Adobe Player Download Center (the link is a bit hard to find -- it's actually at the "alternates" download page.)

The problem affects Flash Player versions 8.0.22.0 and earlier. To see what version you have installed, check out this link. To update, go here.

Shockwave versions 10.1.0.11 and earlier also have this problem. Updates for that player are here. In addition, you will need to update if you are using Adobe's Breeze Meeting Add-In version 5.1 and earlier, or the Flash Debug Player version 7.0.14.0 and earlier.

Alternatively, if you're completely spooked by this advisory or simply don't want Flash on your system anymore, Adobe has kindly posted a program to help you uninstall it. The company also has put up instructions on how to manually remove the ActiveX Flash player from Internet Explorer.

By Brian Krebs  |  March 15, 2006; 11:45 AM ET
Categories:  New Patches  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Microsoft Patches: Two for Tuesday
Next: Anti-Spyrus Software and the Keylogger Conundrum

No comments have been posted to this entry.

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company