Critical vulnerabilities have been publicized, and are being exploited,
in these widely-used Adobe products: Flash Player, Adobe Reader, and
Acrobat. The impact of these vulnerabilities could be severe: should you
visit a dodgy website, or open a malevolent PDF file, attackers could
gain control of your system.
For Flash Player, a patch is due from Adobe in a couple of days (please
apply it when alerted); for Reader and Acrobat, in three weeks. The lab
has taken (or will shortly take) action to protect systems we manage. On
systems you manage, you may choose to simply excercise extra caution, or
you may choose to take mitigating action.
Details, including how to mitigate, are here:
http://www.cs.washington.edu/lab/security/vuln-2010-06-07.html
—
S. Morris Rose
Technical Staff
University of Washington CSE