Adobe Flash Version 10 - Security Release Fixes Many Bugs
Posted
Thu, Oct 16 2008 11:58
by
Harry Waldron
This new version addresses Flash "clipboard jacking" and other recent security concerns. It is working well in early testing with XP SP3. Corporate users should carefully pilot test with their client/server and web applications prior to rolling it out to everyone.
Adobe Flash Version 10 - Security Release Fixes Many Bugs
http://blogs.pcmag.com/securitywatch/2008/10/flash_updates_fix_many_bugs.php
Adobe Flash 10.0.12.36 - System Requirements
http://www.adobe.com/products/flashplayer/systemreqs/
Adobe Security Advisory
http://www.adobe.com/support/security/advisories/apsa08-09.html
Adobe Flash Version 10 - Download Page (carefully follow directions)
http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash
QUOTE: New versions of Flash Professional and the Flash Player were released today. The new Flash 10 player implements, among other new features, the ability to turn off clipboard access for Flash programs, and turns on this setting by default. This ability had recently become badly abused by malicious web sites as a cross-platform attack known as "Clipboard-Jacking." In all likelihood it has a new set of vulnerabilities as well.
ADDITIONAL LINKS
http://msmvps.com/blogs/spywaresucks/archive/2008/10/16/1650962.aspx
http://blogs.pcmag.com/securitywatch/2008/09/adobe_to_plug_clipboardjacking.php
http://blogs.adobe.com/psirt/2008/10/security_bulletin_for_flash_pl.html