Attackers can no longer take over your machine because of the Flash Player

Sep 22, 2011 06:44 GMT  ·  By

Critical vulnerabilities identified in the 10.3.183.7 version of Flash Player and in the 10.3.186.6 of the one designed for Android made it necessary for Adobe to release new variants for each, to cover the weak links that might allow attackers to penetrate your device's protection.

The early versions were exploited by hackers and utilized to trick people into clicking on malicious links sent in email messages.

The developer recommends that anyone who has one of the previous versions update to the current Flash Player 10.3.183.10, respectively 10.3.186.7 on Android machines.

Adobe Flash Player 10.3.183.7 Windows, Mac, Linux and Solaris clients can upgrade to the latest release from within the product using the auto-update feature or from here, while Android fans can get the new application from Android Market.

Because the fresh security modifications resolve a universal cross-site scripting problem that could be utilized to perform actions on behalf of the user on any website or webmail provider if a malicious website is visited, it is imperative that everyone makes the upgrade as soon as possible.

So what are the exact improvements in the latest product?

An AVM stack overflow issue that could allow a cybercriminal to remotely execute a code or launch a DoS attack was corrected. Encountered browser crashes are resolved by fixing the logic error bug that was present before.

Information disclosure will not be possible as the protection control bypass that could be done until now no longer presents a problem.

A weakness caused by a streaming media logic error which could have led to code execution was also patched up.

As before, the security issues were discovered with the help of a few “white hats” who want to make sure that hackers don't gain access to everyday user's computers. Among these, Google, Red Hat Security Response Team, Fortinet's FortiGuard Labs, Graduate University of Chinese Academy of Sciences, Cigital and Zengrong need to be mentioned.

Adobe Flash Player 11.0.1.129 RC 1 / 10.3.183.10 is available for download here.