Steve Jobs has been on a crusade against Adobe Flash for quite sometime citing issues with performance, stability, and security. Today, Adobe is fueling Jobs’ concerns and likely giving the Apple CEO fodder for his WWDC keynote which is coming up on Monday.
According to Adobe, there is a critical vulnerability in versions of Flash Player (Windows, OS X, Linux, Solaris) and Reader/Acrobat 9.x (Windows, OS X, UNIX). The exploit allow a hacker to gain control over an affected system.
Even more troubling is that Adobe says that it currently doesn’t have a fix and “there are reports that this vulnerability is being actively exploited in the wild.”
Adobe says that the following versions of its products are affected:
- Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions
- Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions
It should be noted however, that the current Release Candidate version of Flash Player 10.1 “does not appear to be vulnerable” to this exploit and Adobe Reader/Acrobat 8.x are also safe.
You can view Adobe’s full advisory on the exploit here which also details steps to minimize the impact of the exploit with Reader/Acrobat 9.x.