Flash Player 10 has been released - please install
Announced just a short while ago:
As my regular readers know, there are security changes in Flash 10 that *may* impact on the ever problem malvertizements that have been a too-regular topic on this blog (btw, I received an email this morning from an AV company contact to warn me that bloomberg.com has been affected by malvertizing over the past week or so). The update also addresses clickjacking and clipboard hijacking.
Note: Adobe advises that "For customers who cannot upgrade to Flash Player 10, a Flash Player 9 update is currently scheduled for early November."
For what its worth, Flash Player 10 does not give us any additional control via the Flash Player Settings Manager over the inbuilt functionality that malvertizements use to hijack web browsers. Here's hoping the security changes built into Flash Player 10 will mitigate the problems.
Be alert: the installer *pre-checks* the option to install the Google Toolbar - if you're like me, and you don't want the gosh-darned toolbar, you will want to uncheck that option.