Adobe Warns of Flash, PDF Zero-Day Attacks 216
InfosecWarrior writes "Adobe issued an alert late Friday night to warn about zero-day attacks against an unpatched vulnerability in its Reader and Flash Player software products. The vulnerability, described as critical, affects Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux, and Solaris operating systems. It also affects the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh, and Unix operating systems."
64 bit Linux (Score:2, Interesting)
I see the 64 bit Flash plugin for Linux has not been updated. Anyone heard of a timeline for this update?
Call me dumb, but... (Score:2, Interesting)
Re:Zero-day? (Score:3, Interesting)
Perhaps I should have downloaded and tried analyzing it. Not sure where it actually comes from- yahoo may use 3rd party servers for caching, and nowadays stuff like facebook also gets involved etc.
HTML5 v. Flash security (Score:4, Interesting)
I wonder about this. I'm sure it's a rather complex issue (that will be picked apart time again for years to come), but the one idea that leapt out at me was one you pointed out:
... HTML5 core part of browsers will likely be much better maintained & secured than [Flash], will help.
HTML5 may not be a silver bullet, but my intuition tells me we'll be much better off. But not having a clear idea of exactly why this is and spouting my intuition out, while perhaps a Slashdot tradition, is not very constructive, so I offer this intuition with this disclaimer.