, The Register 2010-02-12
Adobe has published a cross-platform update for Flash that addresses a potentially serious security flaw.
Flash Player users are advised to upgrade to version 10.0.45.2 to plug a hole in earlier versions of the software that means the domain sandbox security protection could be bypassed to make unauthorized cross-domain requests.
The two-part fix means surfers also need to upgrade to Adobe AIR version 220.127.116.110, as explained in Adobe's bulletin here.
The cross-platform update applies to Windows, Mac and Linux versions of the software.
In related news, Adobe promised relief from a critical vulnerability in Acrobat and Reader with a patch due to arrive next Tuesday, 16 February. This fix is related to the Flash problem which is why Adobe is releasing an update outside its recently announced quarterly patch cycle.
Flaws in Adobe software, second only to Microsoft, have been exploited in numerous targeted hacker attack over recent months, prompting some security watchers to advise users to consider the use of alternative PDF readers. Adobe is beginning to get to grips with the problem but its patching process often remains cumbersome and fiddly. ®