12
04
2011
Yet Another Adobe Flash and Reader 0 Day
Posted by: Giorgio in Advisories, Flash, Mozilla, Security, NoScriptIt's getting boring.
Current Flash Player version (10.2.153.1 for the general public, 10.2.154.25 for Chrome users) is affected by a remote code execution vulnerability which is reported as being exploited in the wild.
Since Adobe Reader X (the newest version with "protected" mode) is vulnerable but not exploitable, Adobe doesn't plan an out-of-band patch: looks like browser users are second-class citizens.
As usual, you can outright disable the Flash plugin or use NoScript's active content blocking (not FlashBlock, please).
Yawn...