New Flash Player version plugs over thirty security holes

Jun 11, 2010 14:34 GMT  ·  By

Adobe has released a Flash Player update that fixes a flurry of vulnerabilities including a critical zero-day flaw (CVE-2010-1297) that has been actively exploited in attacks since last week. In addition to the numerous security patches, the new Flash player 10.1.53.64 version brings major functionality and performance improvements.

A lot of eyes have been on Adobe since last week, when yet another remote code execution vulnerability affecting Flash Player, as well as Adobe Reader and Acrobat, was announced. Worse yet, the bug was discovered in the wild, meaning it posed an immediate threat to users.

Earlier this week, the company revealed plans to release a patch by June 10, a promise it met yesterday by shipping the first stable version of Flash Player 10.1. This release marks the end of the 10.0.x branch, as well as the end of support for PowerPC G3, 10.1.53.64 being the last version to work on this architecture.

The Security Bulletin accompanying the release names no less than 32 security issues that the new Adobe Flash Player 10.1.53.64 addresses. The vast majority of these vulnerabilities can facilitate arbitrary code execution and affect Adobe AIR as well - for which a new version (2.0.2.12610) was also released.

The Adobe Flash Player update is only available for Windows, Mac and Linux operating systems, with the Solaris version being still in the beta stage of development. A new version for the 9.0.x branch, namely 9.0.277.0, has also been released, to accommodate scenarios where upgrading to 10.1 will break functionality.

Flash Player 10.1 has been a long-awaited release, mainly because it introduces GPU hardware acceleration, a feature that takes the load off CPUs during HD SWF playback, finally allowing for such content to be properly watched on netbooks and other low-performance devices. The video-streaming experience has also been improved, the player automatically adapting the stream quality in real time according to network conditions.

Adobe Flash Player 10.1.53.64 and 9.0.277.0 for Windows can be downloaded from here. Adobe AIR 2.0.2.12610 for Windows can be downloaded from here.

Adobe Flash Player 10.1.53.64 and 9.0.277.0 for Mac can be downloaded from here. Adobe AIR 2.0.2.12610 for Mac can be downloaded from here.

Adobe Flash Player 10.1.53.64 for Linux can be downloaded from here. Adobe AIR 2.0.2.12610 for Linux can be downloaded from here.