Adobe Flash update lances zero-day vuln
There's more where that came from
Adobe is due to release an update for Flash Player later on Tuesday that plugs a zero-day vulnerability.
The critical update for Adobe Flash Player 10.0.32.18 and earlier versions, will be delivered alongside an equally important fix for Adobe AIR 1.5.2. Details of the vulnerability are being withheld pending the delivery of patches.
In related patching news, Adobe said on Monday that it planned to release patches dealing with recently uncovered holes in Adobe Illustrator CS3 and CS4 by 8 January.
More information on both issues can be found on Adobe's security blog here. The ubiquity of Adobe software has made it a favourite target for exploits and mendacious hackers, particularly over recent months, as application Flash trickery and booby-trapped PDF files have become almost as commonplace as browser exploits on the threat landscape.
The second Tuesday of the month is, of course, the day Microsoft's Patch Tuesday train rolls into town. The software giant is due to deliver six critical bulletins, one covering a zero-day vulnerability in IE, later today. ®