Android Affected by Zero-Day Vulnerability in Flash Player

Android mobile phone users might find themselves vulnerable if having Flash Player 10.1 installed on their devices, as a new security issue with the solution was discovered recently.

According to Adobe, the vulnerability in question is a zero-day one, meaning that it was discovered while being exploited into the wild.

“A Security Advisory (APSA10-03) has been posted in regards to a new Adobe Flash Player issue (CVE-2010-2884). A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris and Android,” the company announced on its website.

While the company does not offer specific info on the security breach, it does say that it could cause a crash and that it could enable an attacker to take control over the machine affected by the issue.

However, it seems that only Flash Player for Windows computers is being actively exploited at the moment.

“This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Flash Player on Windows,” the company stated.

Although there are no reports on Android-based devices being affected by the issue, there is always the chance that one would try to exploit them too.

This critical security issue with the company's solution is the second one reported on during the past 7 days, it seems.

Flash Player 10.1.92.10 for Android was released only a few weeks ago, yet it seems that the first update for it is near, especially since it has to patch this security hole.

As for when the solution would arrive, reports on the matter suggest that Adobe might push it into the wild in about two weeks from now.

To be more specific, the week of September 27 is the time frame to look for, so stay tuned for more info on the matter.