Flash update plugs zero-day Adobe vuln
Plethora of patches perplexes punters
Adobe released an update to its Flash Player software on Thursday, completing a busy week of security updates from the software developer.
Users are advised to upgrade to Flash version 10.0.32.18 to defend against a cross-platform flaw that has become the focus of hacking attacks since last week.
Components of the vulnerable software are used by Adobe AIR, so the security-conscious need to upgrade that software to version 1.5.2, as explained in a security advisory by Adobe here.
Earlier this week Adobe warned that a Microsoft ATL vulnerability that prompted an unscheduled patch on Tuesday also affects Adobe Products. Flash Player and Shockwave Player were spun from the flawed software development technology and need to be updated as a result.
The flurry of patches from Adobe this week, together with recent Reader and Acrobat updates, provide more evidence that the firm is solidly in the cross-hairs of malware-touting miscreants. Microsoft, which will always be the prime target for hackers thanks to its installed base, has learned over the years to make patching as painless as possible.
Meanwhile, applying Adobe updates remains time consuming and fiddly, as others also note.
Tools like Secunia's PSI can guide home users through the application patching process but Adobe, and other software developers, also need to play their part in simplifying the often irksome update process. ®