ie8 fix
madison

Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev
Home / News & Blogs / Zero Day

Adobe patches Flash Player zero-day

By | September 20, 2010, 10:29pm PDT

Summary: Adobe has shipped another Flash Player update to fix a critical vulnerability that was being exploited in live malware attacks.

Adobe has shipped another Flash Player update to fix a critical vulnerability that was being exploited in live malware attacks.

The flaw, which surfaced last week as a zero-day attack against Windows systems, allows remote code execution via rigged Flash files.

According to Adobe, the vulnerability affects Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux and Solaris.   It also affects Flash Player 10.1.92.10 for Android.

The security hole also allows code execution on Adobe Reader but that product will not be patched until the week of October 4, 2010.follow Ryan Naraine on twitter

This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.

Adobe recommends users of Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 10.1.85.3.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Adobe Systems Inc., Adobe Flash, Vulnerability, Adobe Flash Player, Microsoft Windows, Sun Solaris, Operating Systems, Desktops, Security, Software, Hardware, Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
44
Comments
Add Your Opinion

Join the conversation!

Just In

hardware
harware Updated - 27th Jan
I am the great blog. Appel for his deliberately to phone and security on the Flash Player. For security reasons, this is an advantage for the user, but the application has a clear disadvantage. Computer kaufen
View in thread
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
ALISON SMOCK 20th Sep 2010
"This version of Flash Player is not designed for Internet Explorer 9 Beta"
Can I overlook this warning ?
Is this update still bundled with the GoogleBar trojan ?
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
LesBater 21st Sep 2010
@stebidri
I installed the 10.1.85.3 update to the 32bit version of IE9 beta on a Vista x32 and Windows7 x64 system. This only works on the 32bit IE9 browser and not the 64bit version. I manually uninstalled the previous version via "Programs and Freatures" and then just brought up the 32bit version of IE9 beta and under MSN video it indicated that I needed to download Flash Player. Just clicked on it and was sent to Adobe and the Flash download. Just clicked on install and installed without any issues. Now the videos play without any problems or warning messages.

les
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
gogon gondrong Updated - 21st Jul
vulnerability is being actively exploited in the wild against british urban from it kids is from playing saint only goverment to need online always today from finance and lot of money Adobe
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
Jeffrey1980 13th Sep
@LesBater
I am glad to be using an android tablet instead of an iPad so I can view flash content. It does have exploits sometimes but it is still practical to have.

posted via tablet android
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
disturbforce 16th Sep
@LesBater Thanks for sharing. i really appreciate it that you shared with us such a informative post..
Theses Coursework Assignment
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
disturbforce 16th Sep
@LesBater I will forward this article to him. Pretty sure he will have a good read. Thanks for sharing!
Dissertation Writing Assignment Writing
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
DavidKlein 17th Sep
Very useful update. I finally got rid of the malware problem! I almost went crazy because of all the malware warnings! thanks! Solarenergie handyvertrag
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
dhape 18th Sep
Proper use of Secure Socket Layer security is a mystery even to many virtual server administrators, but it seems to be mysterious even to the developers who build it into their products-whether they know it or not. Where To Find Coupons
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
RichardForbes 26th Sep
that problem was really huge for my computer systems. Malware was all about, even some different programs were infected. I had to uninstall everything and start from zero. Would have been great if I'd have read this first. Thanks for sharing and clarifying anyways! pc system
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
disturbforce 28th Sep
@LesBater Just clicked on install and installed without any issues. Now the videos play without any problems or warning messages. Life Experience Degree
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
Amanda123456 29th Sep
Neither. Like most Adobe products, Reader provides its own Flash runtime rather than using a systemwide-installed version, such as the ActiveX control. In other words, when a Flash vulnerability is fixed, nearly every Adobe product needs to be re-released with the fixed runtime.
budapest hotels
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
sandeep158 18th Oct
The author has written an excellent article. You made your point and not much to discuss. advertise jobs It's like this universal truth that you can not argue with the truth is not universal, everything has its exception. Thanks for this information.
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
lovedong 12th Sep
Those were great! chanel bags
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
nestdrive 17th Sep
@lovedong The difference between the right word and the almost right word is really IAO Accreditation International Accreditation Organization a large matter ??? it's the difference between a lightning bug and the lightning.
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
nestdrive 17th Sep
@lovedong I'm the same way, I do my best to remain neutral. It's hard, Universal Degrees if you communicate with the person the other person dislikes, then you fall out of favor with them! I simple can't dislike a person, Woodfield University just because someone else does, I just can't.
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
xiaodou 26th Sep
fendi bags
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
xiaodou 26th Sep
omega replica watches
0 Votes
+ -
Use Microsoft's EMET
betelgeuse68 Updated - 20th Sep 2010
Use Microsoft's EMET:

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=c6f0a6ee-05ac-4eb6-acd0-362559fd2f04&displayLang=en

EMET was previously outlined to short circuit the last PDF flaw (yes, while this issue is with Flash, EMET is a general purpose tool):

http://news.cnet.com/8301-1009_3-20016161-83.html?tag=mncol;2n

In this case, add your browser to EMET. But beyond that, your email client (if you use one), media players (QuickTime, WinAmp, Windows Media Player), etc., etc. If it talks on the Net, you probably should be guarding that app with EMET.

-M
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
ddrakewi 21st Sep 2010
It certainly would be convenient to include a hot link to the update site
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
jheman2 21st Sep 2010
The Adobe DL site has not been updated yet .... still delivering 10.1.82.3 ........
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
myclub 1st Jul
ewet dedim ama neyse
http://www.bbgporn.com/
http://www.hmmtube.com/
dogru deme
http://www.erotiktube.org/
http://www.52tube.com/
http://www.wctube.com/
http://www.cameporn.com/
http://www.escortbayan9.com/
tamam dedim
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
mentorws Updated - 18th Aug
Have people found this patch reliable I get errors in Chrome?
myob courses
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
neo61322 7th Sep
This is an excellent article. The following publish supplies genuinely high quality info. My spouse and i?meters bound to check in it. Truly extremely helpful points are given listed here. Many thanks a great deal. Carry on favorable functions. vintage snapback hats best solid state drive
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
MAGENs 7th Sep
This is a really good read for me. Must admit that you are one of the best bloggers I have ever read. Thanks for posting this informative article. baby gifts for boys baby gifts for girls
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
LUCINDe 7th Sep
I like the article you wrote here; it is very informative and useful for the internet users like me. I will come back to read more blog posts on your website and I have bookmarked your website as well Thank You know style clothing store girls clothing stores online
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
MACKENZI 10th Sep
I also desire to signal in your RSS feeds. Thank you as soon as once again and maintain up the great operate! nccma cooler
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
MARAGARET 11th Sep
I used to be more than happy to seek out this internet-site.I wanted to thanks in your time for this glorious read!! I positively enjoying each little bit of it and I have you bookmarked to check out new stuff you weblog post. this thread is amazing i like your work and i appreciate you that you have share a useful stuff thanks for sharing the i shop abatwa
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
RHIANNONA 12th Sep
I used to be more than happy to seek out this internet-site.I wanted to thanks in your time for this glorious read!! I positively enjoying each little bit of it and I have you bookmarked to check out new stuff you weblog post.Bookmarking now thanks please consider a follow up post. power sa shop
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
Jeffrey1980 Updated - 13th Sep
good read
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
SATURNINA 13th Sep
I think the representation of this article is actually superb one. This is my first visit to your site. Thanks a lot and keep sharing the information. Keep updating the information for all of us. Thanks ZDNet Government was launched as the brand's first industry vertical, with a mission to cater to IT professionals in the public secto I agree with your post. However, do you have any sources I can cite for my paper wheel car com bury
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
mitch103 22nd Sep
Thanks for sharing!
flaggen
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
TOCCAR 25th Sep
Well welcome, hopefully you can become a vital member of the community and really help to push far ahead of google. Which Im sure the development team would love. This will of course earn you alot points too and get you on the leaders board. z d n e t t h a n k Im not sure i come to an agreement with you on every level, howevor it absolutely was a good posting, many thanks for taking the time to put up your ideas.
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
bettwaescheshop 25th Sep
Tolle Seite wir arbeiten viel mit Adobe.
Kinderbettwaesche
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
CLAUDET 25th Sep
This is my first visit to z d n e t site. Thanks a lot and keep sharing the information. Keep updating the information for all of us.how can i clean up, because i don???t know why it seems my skeen has to fat i get the glasses dirty every day.i search y a h o o Very good quality indeed. I surely recommend it. The template used in their site is also great.
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
MEJIAHA 29th Sep
Fantastic news about the new release.I positively enjoying each little bit of it and I have you b o o k m a r k e d to check out new stuff you weblog post.Im not sure i come to an agreement with you on every level, howevor it absolutely was a good posting, many thanks for taking the time to put up your ideas
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
Patrick83muc 30th Sep
I have Instal it but have found some big issues, have any other found some Issues? Rechnungsprogramm Linkaufbau Solartechnik Laminat Brandschaden Geigenkoffer Can Everybody tell me how can i post the issues, that someone can fix the issues! Thanks Patrick
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
umairmalik11 9th Oct
WoW!!! This is great information about flash player... I was searching a similar type of information about flash player... top news stories
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
FAULKNE 13th Oct
Good day to confirm this comment I would appreciate T h e b e s t o f Z D N e t d e l i v e r e d your website very nice to everyone Yes, Oracle is the only one with shared-disk architecture, but that is there advantage. It means you can add or remove nodes and the database lives on. In a shared nothing architecture, if you lose a node, you lose the system. I'm sure Oracle appreciates EMC highlighting their advantage.I also desire to signal in your RSS feeds. Thank you as soon as once again and maintain up the great operate Awesome post! Thank you very much || thanks for nice content this is really benefit to me.
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
scoty67y5 18th Oct
I want to show thanks to the writer for bailing me out of such a trouble. As a result of searching through the internet and seeing suggestions which are not powerful, I was thinking my life was well over. Living devoid of the solutions to the issues you've fixed all through your good review is a critical case, and the kind that might have negatively damaged my career if I had not encountered your site. Your knowledge and kindness in touching all the details was tremendous. I don't know what I would've done if I had not come across such a thing like this. I can at this time look forward to my future. Thank you very much for the impressive and sensible help. I will not be reluctant to propose your blog post to any person who will need assistance about this area.
dehumidifier reviews
0 Votes
+ -
Arvixe coupon code
alencoder2011@... 31st Oct
I don't know about you but shopping online can get you many discounts. Such as arvixe coupon code and the best of all, when ever you are searching for stuff online, try searching for discount codes.
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
jascarey 2nd Nov
Adobe has such a stronghold on the market that there's really not much you can do except to just let them do their thing and get it right. android remote desktop
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
jascarey 2nd Nov
Adobe has such stronghold on the market that there's really not much to do but to let them get it right. android remote desktop
0 Votes
+ -
RE: Adobe patches Flash Player zero-day
Denon DHT-391XP 3rd Nov
I already fed up with the Flash Player, because it crashed many times. Hope this will be good solution..
Thanks...
0 Votes
+ -
hardware
harware Updated - 27th Jan
I am the great blog. Appel for his deliberately to phone and security on the Flash Player. For security reasons, this is an advantage for the user, but the application has a clear disadvantage. Computer kaufen

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix