Palo Alto Networks™, the network security company, today announced that the Palo Alto Networks Application and Threat Research Team has discovered a critical vulnerability in Adobe Flash Player (described in Adobe Security Bulletin APSB10-22). This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. Adobe has reported that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows, but Adobe is not aware of any additional attacks exploiting this vulnerability to date.
This critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.92.10 for Android. It also affects Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. Adobe recommends users of this version of Adobe Flash Player and earlier versions for Windows, Macintosh, Linux, and Solaris should update to Adobe Flash Player 10.1.85.3, and users of Adobe Flash Player 10.1.92.10 for Android should update to Adobe Flash Player 10.1.95.1.
The Palo Alto Networks Application and Threat Research Team is active in the research community, aggressively pursuing both new vulnerability research and alleviation of all types of threats. They have leveraged their expertise to uncover a string of Microsoft- and Adobe-related vulnerabilities to ensure users are protected.
Enterprises using legacy security technology increasingly lack visibility into and control of application traffic. Palo Alto Networks' next-generation firewalls are unique in the industry in their ability to see and control applications, users and content – not just ports, IP addresses and packets. Palo Alto Networks' next-generation firewalls enable enterprises to create granular, business-relevant security policies and safely control applications instead of the block-or-nothing approach offered by traditional port-blocking firewalls.
About Palo Alto Networks
Palo Alto Networks™ is the network security company. Its next-generation firewalls enable unprecedented visibility and granular policy control of applications and content – by user, not just IP address – at up to 10Gbps with no performance degradation. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify and control applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation. For more information, visit www.paloaltonetworks.com.
Palo Alto Networks, "The Network Security Company," the Palo Alto Networks Logo and App-ID are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
