Critical zero-day vulnerability found in Adobe Flash, Reader, Acrobat

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Adobe
There’s more bad news for the users of Adobe’s products, as the company has just advised that it has discovered critical security vulnerabilities in versions of Adobe Flash Player, Adobe Reader and Adobe Acrobat.

According to an advisory published by the firm, the vulnerabilities can be exploited by malicious hackers to run malicious code on victims computers.

Adobe says that version 10.1.85.3 and earlier of Flash Player for the Windows, Macintosh, Linux and Solaris operating systems are vulnerable. In addition, Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component that ships with Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX operating systems are at risk.

Finally, Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh operating systems are also vulnerable.

Sign up to our free newsletter.
Security news, advice, and tips.

Adobe says it is working on fixing the as-yet unpatched vulnerability, and hopes to provide an update for Flash Player 10.x (for the Windows, Macintosh, Linux, and Android platforms) by November 9th. Adobe Reader and Acrobat 9.4 and earlier are scheduled to be updated during the week of November 15th for Windows and Mac OS X.

Of course, that’s some time away – and in the meantime it wouldn’t be a surprise at all to hear of more malicious hackers attempting to exploit these vulnerabilities. Bad news for Adobe’s customers is, of course, bad news for Adobe.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.