Multiple critical vulnerabilities have been found by Adobe in its Flash media player. The flaws put users at risk by compromising system security, possibly from drive-by downloads. All customers are being urged to update their player as soon as possible to version 220.127.116.11.
"Critical vulnerabilities have been identified in Flash Player that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these vulnerabilities," Macromedia said in a security bulletin. "Users are recommended to update to the most current version of Flash Player available for their platform."
The problems relate to Flash Player versions 8.0.22 and earlier, Shockwave player versions 10.1.0.11 and earlier and Breeze Meeting versions 5.1 and earlier.