# Adobe Warns of New Exploits - All Major Platforms



## Marlin Guy (Apr 8, 2009)

More fuel for Steve Jobs and other Adobe detractors.

http://www.adobe.com/support/security/advisories/apsa10-01.html

Security Advisory for Flash Player, Adobe Reader and Acrobat

Release date: June 4, 2010

Vulnerability identifier: APSA10-01

CVE number: CVE-2010-1297

Platform: All
Summary

A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. This advisory will be updated once a schedule has been determined for releasing a fix.


----------



## Marlin Guy (Apr 8, 2009)

http://www.gnome.org/projects/evince


----------



## Grentz (Jan 10, 2007)

*yawn*

Software with exploits!?!?! OMG!! :lol:


----------



## Marlin Guy (Apr 8, 2009)

Yeah, I guess you could look at it that way, unless you have to pay to have the machines fixed after some POS Flash program had loaded rootkits and ransomware out the wazoo.


----------



## Grentz (Jan 10, 2007)

Trust me, all most people need is an internet connection and 10 minutes to get plenty of that stuff :lol:

All I am saying is that this is only big news because of all the Adobe/Apple flack going back and forth lately. There are plenty of exploits coming out in all sorts of everyday used software, such as browsers and other programs, that just get ignored by most news agencies except those covering IT security news specifically.


----------



## wilbur_the_goose (Aug 16, 2006)

All that is true, but Adobe really does produce crappy products (I'm not a Mac guy). Bloated software that's a bear to keep safe.

I'm not usually a Jobs fan, but he's 100% correct on this one.


----------



## Marlin Guy (Apr 8, 2009)

A couple of points about Adobe.

1. If you download their "latest version" of Acrobat from their site, it will need to be patched immediately in order to be anywhere near secure. They don't update their installation packages when vulnerabilities are discovered. This may also be true for Flash. I don't know. I've stopped using it almost completely.

2. They have taken Acrobat from a simple document reader to a ridiculously bloated multi-media suite. We don't need Flash content embedded into our PDF's.


----------



## The Merg (Jun 24, 2007)

Also, as an alternative, you can look at FoxitReader. Very small package and works very well. It's also quite fast compared to Adobe Reader.

BTW, MarlinGuy, congrats on 1k!

- Merg


----------



## Marlin Guy (Apr 8, 2009)

I had not heard of Foxit Reader. Just installed the free version and like it a lot!
It's really quick.
Thanks!


----------



## Lee L (Aug 15, 2002)

Glad I've been using the Flash betas for something close to decent performace (adobe still doens not know how to use hte resources of a computer very well) for months now.

Now, I guess I should just downgrade acrobat. Fools.


----------

