Adobe Systems Inc. late Wednesday admitted its Flash and Reader software have a critical vulnerability and promised it would patch both next week.
One security researcher, however, said Adobe's own bug-tracking database shows that the company has known of the vulnerability for nearly seven months.
In a security advisory posted around 10 p.m. Eastern time Wednesday, Adobe acknowledged that earlier reports were on target. "A critical vulnerability exists in the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) for Windows, Macintosh and Linux operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX operating systems," the company said.
More: http://computerworld.com/s/article/9135826/
One security researcher, however, said Adobe's own bug-tracking database shows that the company has known of the vulnerability for nearly seven months.
In a security advisory posted around 10 p.m. Eastern time Wednesday, Adobe acknowledged that earlier reports were on target. "A critical vulnerability exists in the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) for Windows, Macintosh and Linux operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX operating systems," the company said.
More: http://computerworld.com/s/article/9135826/