November 14, 2006

Important Adobe Flash Player 9 Security Update Released

This Security Bulletin was just posted to the Adobe site regarding a security exploit in the Flash Player. From the bulletin:

Adobe has provided an update to resolve vulnerabilities in Adobe Flash Player. These vulnerabilities would allow remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks. The flexibility of the attack varies depending on the type of web browser being used.

Apparently, Flash Player 7, 8, and 9 are all affected, but there is only an update available for version 9 at the moment. I should also note that the fix has been marked as "Important," which is one step below their highest severity level of "Critical," so definitely look into upgrading if possible.

For any Flash or Flex developers who rely on the Debug version of the player for development, Adobe unfortunately makes it hard to find the updated Players on their site, so here you go.

Posted By Dave on November 14, 2006 at 5:20 PM
Related Categories: Apple, Microsoft, Flex, Technology, Adobe

Comments (2) | Print | del.icio.us | Linking Blogs

Related Blog Entries

Getting the Flash Tracer Plugin To Work With The Latest Flash Player Release (December 28, 2006)

Comments

Thanks muchly for the heads up and the link to the debug versions; I'm knee deep in Flex 2 right now so that's saved me a lot of hassle.

# Posted By James Holmes on 11/14/06 at 7:30 PM

No problem James. Glad I could help!

# Posted By Dave Carabetta on 11/14/06 at 7:44 PM

Calendar

Sun	Mon	Tue	Wed	Thu	Fri	Sat
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31

About Me

I'm Dave Carabetta and this is my slice of the web. I am on the Business Development team at Cynergy Systems, where we design and develop incredible software using Rich Internet Application technologies like Adobe Flex, Adobe AIR, Microsoft Silverlight and Microsoft WPF. If you're interested (or really confused), check out our CynergyTV showcase to see some examples. If you really want more details about who I am and how I got here, check out one of my very first posts to this blog.

Finally, all opinions expressed anywhere on this site are solely mine and not those of my employer. I intentionally keep this blog separate from our corporate blogs for this very reason.

Enter your email address to subscribe to this blog.

Archives By Subject

RSS Adobe (59)
RSS Apple (13)
RSS Blogging (18)
RSS ColdFusion (46)
RSS CSS (6)
RSS Cynergy Systems (8)
RSS Databases (6)
RSS Flex (45)
RSS Frameworks (20)
RSS Macromedia (4)
RSS Marketing (27)
RSS Microsoft (12)
RSS Misc (15)
RSS Model-Glue (7)
RSS Oracle (6)
RSS Personal (26)
RSS Ruby on Rails (3)
RSS Technology (73)

RSS

Aggregated By