Adobe fixes six critical flaw of Flash

Adobe wants to fix the security problems of Flash forever

After a patch not very effective launched in June for one of the flaws, Adobe reiterates and the opportunity to fix other bugs.

Adobe has delivered a patch able to correct six vulnerabilities in Flash deemed critical. This is the third update of the 2010 software installed on nearly 99% of personal computers. Patches of March and June had two of them patched 33 other failures. However, as usual, Adobe has revealed that the amount of detail about the nature of the bugs targeted by the update.

Five of them were stamped with the words “memory corruption”, while the sixth could potentially be used for attacks “Clickjacking” tricking the user to click where an attacker wants to retrieve information including personal . Adobe has chosen not to be aware of any exploitation of these vulnerabilities to date.

Updates unforeseen

For one of the patches, it is the second attempt by Adobe to fix a specific vulnerabilities. The company had already tried two months ago, called to correct the flaw CVE-2010-2188, but had admitted two weeks after the update, it did not work. Adobe addresses Flash and Reader also different in terms of updates: Reader has a calendar quarterly patches leaving on the same day of the month as Microsoft, Patch Tuesdays, when nothing of this kind is planned for Flash. Faced with the annoyance of some security experts who would be warned a little early, the company said it would “evaluate the possibility of aligning the output cycles of patches with other Adobe products Patch Tuesdays.

Users can also expect another update next week as the company announced the release date, August 16, an emergency patch will fix a critical vulnerability in Acrobat Reader. This was revealed during the security conference Black Hat by Charlie Miller.