Adobe will release a fix for a new critical bug in Flash Player on Friday for Windows, Macintosh, Linux and Solaris, while Google Chrome users will be protected by Thursday through the browser's auto-update feature, Adobe said today. "As part of our collaboration with Google, Google receives updated builds of Flash Player for integration and testing. Once testing is completed for Google Chrome, the release is pushed via the Chrome auto-update mechanism," Adobe said in a statement.
"Adobe is testing the fix across all supported configurations of Windows, Macintosh, Linux, Solaris and Android (more than 60 platforms/configurations altogether) to ensure the fix works across all supported configurations," the statement said. "Typically, this process takes slightly longer and, in this case, is expected to complete on April 15 for Flash Player for Windows, Macintosh, Linux and Solaris."
Meanwhile, an update for Adobe Acrobat X and earlier for Windows and Macintosh, Adobe Reader X for Macintosh and Adobe Reader 9.4.3 and earlier for Windows and Macintosh will be available no later than the week of April 25, the company said in a security advisory.
Adobe warned on Monday that attackers were exploiting the hole to take control of Windows computers by sending e-mails with malicious Flash files embedded in Microsoft Word attachments. The company said it was not aware of any attacks via PDF (portable document format) files targeting Reader and Acrobat.
Because Adobe Reader X Protected Mode prevents such exploits from executing the company will address the hole in that software in its next quarterly security update for Reader, scheduled for June 14.
