Adobe issues new Flash Player 10.1.85.3, patching exploits

[Wiz Feinberg]

Update your Flash Player NOW

A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.

Adobe recommends users of Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, and Solaris update to Adobe Flash Player 10.1.85.3, and users of Adobe Flash Player 10.1.92.10 for Android update to Adobe Flash Player 10.1.95.1.

If you also have a Google Chrome browser, it has a custom version of Flash embedded in its engine. Use the built-in Update function to download a newer version of Chrome.

You can download/install the latest version of Flash, for your operating system and different browsers, at http://get.adobe.com/flashplayer/

[Wiz Feinberg]

I forgot to include the fact that Internet Explorer uses a different version of Flash than Firefox, Opera and Safari browsers. If you have more than one type of browser, you'll need to get the latest version of Flash for each one.

Also, since every Flash vulnerability is also an Adobe Acrobat and Reader vulnerability, updates to those products remain. They are scheduled for release on the week of October 4.

To see which version of Flash you have installed, for each browser, go here. If your installed version is less than the current version, download and install the latest version for your various browsers.