Since version 9.0, which was released a little over two years ago, in July 2008, Adobe Reader is capable of natively playing SWF (Shockwave Flash) files embedded in PDF documents.
This functionality is provided through a version of Flash Player bundled in Adobe Reader installations as a file called authplay.dll.
The immediate implication of this is that most, if not all, zero-day vulnerabilities discovered in Flash Player also affect Adobe Reader."According to Adobe, this also includes an updated version of the bundled Flash Player, but one has to wonder how long we would have had to wait if they weren't forced to issue the out-of-band release," Mr. Eiram, writes on the Secunia blog.
You can follow the editor on Twitter @lconstantin
0 comments:
Post a Comment