Staffing shortages, at both US airlines and the Federal Aviation Administration’s air traffic control operations, took a bad situation and made it worse. But storms were only one factor behind the travel nightmare. *The "authplay.dll" file is typically found atĬ:\Program Files\Adobe\Reader 9.0\Reader\Ĭ:\Program Files\Adobe\Acrobat 9.Hundreds of thousands of US airline customers were stranded this week as severe weather grounded planes and led to canceled flights. Shouldn't these problems have been fixed by now? Adobe has still not issued updated versions of Adobe Acrobat and Adobe Reader even though it can hardly come as a surprise to them that an update for Flash Player was issued.
One problem with bundling of Flash Player is that users cannot easily address vulnerabilities simply by installing a new Flash Player version when available, but instead have to wait until a new version of the product bundling Flash Player is released. Adobe has been doing it for a while with Adobe Acrobat and Adobe Reader and lately Google also started bundling Flash Player with Chrome.
#New adobe update problems software#
It seems to become popular for software vendors to bundle Flash Player in their products. On August 12th, Carsten Eiram, Chief Security Specialist at Secunia blogged that It gave Reader 9.3.3.177 a clean bill of health, despite including a vulnerable copy of Flash.Īnd, Secunia is well aware of the problem. I was able to test that my favorite Java applet, Secunia's Onine Software Inspector, does not flag the embedded copy of Flash in the Adobe Reader.
I'm a blogger, not a lab, but I doubt that any of these are updated automatically when you follow the standard procedure for updating Flash in a web browser. Version 8 of the Adobe Reader and Acrobat do not seem to include Flash. My count is now six applications that include hidden/embedded instances of Flash: Google's Chrome, the Adobe Reader v9.x, Adobe Acrobat v9.x, Adobe AIR, Adobe Flash Professional, Adobe Flex. The update is scheduled to be released August 19, 2010.Īlthough the August 10th security bulletin about Flash does not mention the Adobe Reader and/or Acrobat, it does include other affected software: Adobe's AIR, Flash CS5 Professional, Flash CS4 Professional, Flash CS3 Professional, Flex 4 and Flex 3.
#New adobe update problems Patch#
According to an Adobe Product Security Incident Response Team blog posting from August 5th, the upcoming patch to Reader and Acrobat will include a new version of Flash (authplay.dll). The security bulletin says nothing about Flash or authplay.dll. during the week of August 16, 2010." However, the update is to fix a problem with integer math font parsing. As I write this, the latest copy of the Adobe Reader (v9.3.3) includes a buggy version of Flash (10.1.53.64).īy the way, the Adobe Reader can display information about included plugins (Help -> About Adobe Plug-Ins), but, it fails to mention Flash (tested with version 9.3.3 under Windows).Īdobe is planning an update to Reader and Acrobat ".
Curious folks can get the properties of the authplay.dll* file and go to the Version tab, to see for themselves. If so, did the article mention that Reader and Acrobat were vulnerable? Probably not.ĭon't take my word for it. Perhaps you read about this latest update to Flash. Yet, in the security bulletin that Adobe issued on August 10th (the one warning that Flash version 10.1.53.64 was buggy and we should all update to version 10.1.82.76) there was no mention of the authplay.dll file. Back in July 2009, Adobe also warned that the authplay.dll file in Adobe Reader and Acrobat 9 was buggy. The authplay.dll file is a copy of Flash embedded in the Adobe Reader and Acrobat.ĭuring the three week period in June 2010 that Reader and Acrobat contained buggy copies of Flash, we were advised to disable (delete or rename) the authplay.dll file. Back on JAdobe warned:Ī critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. It was only a couple months ago that Flash version 10.1.53.64 was released to fix some critical bug(s). Adobe's security bulletin omitted some of their own software. Despite the fact that doing so was co-operative effort between Adobe and Google, the Adobe security bulletin describing the latest Flash player bug, says nothing about updating Chrome to pick up the new version of the Flash player.Īnd, that's just the appetizer. This is because Chrome includes its own copy of Flash (gcswf32.dll).
0 kommentar(er)
