Adobe Flash Player and Air Patched
From ISC SANS:
The almost universally installed flash player of adobe has been update to version 10.0.42.34. Adobe air was upgraded as well to version 1.5.3.
Read more about it in the apsb09-19 bulletin from adobe.
The reason behind it are 7 vulnerabilities: CVE-2009-3794, CVE-2009-3796, CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800 and, CVE-2009-3951 of which 6 lead to arbitrary code execution and the last one is a windows-only issue leading to unauthorized information disclosure, related to CVE-2008-4820.
“Upgrade!” is the loud and clear message should our audience need that encouragement.
At this point we have no guidance for users wishing to know more about version 9 of the flash player aside of considering an upgrade to the latest incarnation of version 10.
Thanks for the heads-up go to David and Andrew.
Patch thy self!
