Adobe flash player and air patched

The almost universally installed flash player of adobe has been update to version Adobe air as upgraded to 1.5.3.

Read more about it in the apsb09-19 bulletin from adobe.

The reason behind it are 7 vulnerabilities: CVE-2009-3794, CVE-2009-3796, CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800 and, CVE-2009-3951 of which 6 lead to arbitrary code execution and the last one is a windows only issue leading to unauthorized information disclosure, related to CVE-2008-4820.

"Upgrade!" is the loud and clear message should our audience need that encouragement.

At this point we have no guidance for users wishing to know more about version 9 of the flash player aside of considering an upgrade to latest incarnation of version 10.

Thanks for the heads up go to David and Andrew

Swa Frantzen -- Section 66


760 Posts
Dec 9th 2009
If Adobe believes there is such thing as a "secret link", that speaks volumes about their overall security posture (or lack thereof). I don't know what URL was originally posted, but a simple Google search for "adobe flash msi" returns a download page containing the exact text quote above regarding Flash Player 9.
Shhhh, itz a s3krit!!!!!
Adrien de Beaupre

353 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!