Just weeks after patching a critical flaw, Adobe Systems is rushing out another patch for its Reader and Acrobat software. The company also patched a critical issue in Flash Player Thursday.
The Flash Player flaw could be used by an attacker to trick a Web browser into doing things that it shouldn't, what's known as a remote-code execution flaw, meaning it can't be used to directly install unauthorized software on a victim's computer, said Brad Arkin, Adobe's director of product security and privacy.
If the bug is exploited, "the attacker would be able to execute a general class of cross-site request forgery type of attacks," Arkin said. Adobe rates the issue as "critical."
More: http://pcworld.com/businesscenter/article/189182
The Flash Player flaw could be used by an attacker to trick a Web browser into doing things that it shouldn't, what's known as a remote-code execution flaw, meaning it can't be used to directly install unauthorized software on a victim's computer, said Brad Arkin, Adobe's director of product security and privacy.
If the bug is exploited, "the attacker would be able to execute a general class of cross-site request forgery type of attacks," Arkin said. Adobe rates the issue as "critical."
More: http://pcworld.com/businesscenter/article/189182