updated 12:05 pm EST, Wed February 25, 2009
Adobe Flash exploits fixed
Adobe has patched multiple exploit holes present within recent versions of Flash, a company security bulletin informs. The vulnerabilities primarily affect Mac and Windows editions of Flash software at or below v10.0.12.36, as well as the Linux Flash Player starting with v10.0.15.3; the principal exploit involves luring people into loading a malicious SWF file, which exposes a computer to hacking. Two fixes have been made to deter "clickjacking," triggered by clicking on a particular space on a webpage.
Remaining changes attempt to halt denial-of-service attacks instigated through bad input validation, and a data leak associated only with Linux systems. Users of Flash Player, Flex 3 and Flash CS4 Professional are expected to update to v10.0.22.87, while users of AIR should download v1.5.1. Flash CS3 Professional owners have been provided with v22.214.171.124.