Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: InfoSec Handlers Diary Blog - Update to Adobe Flash 0-day: Patch will be out soon InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Update to Adobe Flash 0-day: Patch will be out soon

Published: 2011-04-14
Last Updated: 2011-04-14 13:46:25 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

Adobe updated its advisory, stating that we should have a patch at least for the "non sandbox" versions of Adobe Acrobat and Reader by April 25th [1]. Flash player will get a fix even earlier (April 15th = this week Friday). Adobe Reader X for Windows, which uses the new "Protected Mode" feature to limited the exploitability of this vulnerability, will have to wait until June 14th.

Little Table to clarify:

  Flash Reader 9 Reader 10.x Reader 10.0.1 Reader 10.0.2 aka "X"
Windows 4/15 4/25 4/25 4/25 6/14
Macintosh 4/15 4/25 4/25 4/25 4/25

 

for more details, see the URL below.

[1] http://www.adobe.com/support/security/advisories/apsa11-02.html

Update: corrected patch date for Adobe Reader X for Windows. Was 6/25.. but should have been 6/14. Thanks Luc for pointing this out to me!)

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: adobe flash
1 comment(s)
Diary Archives