Adobe Flash Player 10.0.102.64 and earlier which is present in a variety of Adobe products such as, Adobe reader and Acrobat contain a memory corruption vulnerability which can allow a remote attacker execute arbitrary code. These versions of Flash Players are present on all mainstream operating systems and users running these versions need to upgrade to the latest version of Flash Player. For more details about this vulnerability visit Adobe’s Security Bulletin APSB11-02.
In critical environments or where the latest version cannot be deployed immediately, the following steps may be required:
- Disabling Flash content in Web Browsers and Adobe Reader 9 or later
- Preventing PDF documents from automatically opening in web browsers
- Uninstall Flash Player
You may encounter some problems when uninstalling Flash Player while Adobe released an uninstaller and the steps required to overcome this problem. See Uninstall ActiveX. Note that this will not remove the instances of Flash Player that are installed with Adobe Reader or other Adobe products.