Adobe Zero-Day Exploit on Flash Player, Adobe Reader, and Acrobat

Adobe has announced a critical vulnerability in Flash Player, Adobe Reader, and Acrobat where there is currently no fix. This vulnerability is reported to be actively exploited in the wild. This exploit affects those Adobe products on Windows, Macintosh, Linux, and Solaris.

Adobe's security advisory states that this threat can be mitigated for Adobe Reader and Acrobat on Windows by moving the authplay.dll file out of the way. The authplay.dll file is located at:

Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll
Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll

This will cause those programs to crash if they happen to open a PDF file with SWF content, which should be rare. Please note that this technique works on Adobe Reader and Acrobat on Windows only; there is no word from Adobe on how to mitigate this threat on those products on the affected non-Windows platforms.

The threat to Flash Player can be mitigated by upgrading to Flash Player 10.1 Release Candidate (available on all platforms).

While a fix is being developed by Adobe, we would recommend everyone to apply those mitigation techniques. Even if those techniques are applied, we would still recommend exercising extreme vigilance when browsing websites with Flash content and when opening PDF attachments.

We recommend using Firefox with the NoScript extension, which prevents Flash content from being loaded unless explicitly allowed. NoScript also protects you from a wide variety of other web threats.