Second Flash zero-day patch in a month tips up

After less than two weeks Adobe has patched a critical vulnerability in its Flash Player.

Apparently, hackers were already exploiting a memory corruption vulnerability which said that the bug could “potentially allow an attacker to take control of the affected system”.

Adobe said The attacks were coming via poisoned web pages. Adobe also updated its popular Reader PDF viewer to kill 13 bugs and a couple of older ones the company had not fixed.

Adobe released an update on June 5, when it fixed a critical flaw that attackers were exploiting to steal Gmail login credentials.

Google, which bundles Flash Player with Chrome, updated its browser to include the new version of Flash.

The Flash Player has been patched four times in the last two months, and six times so far this year.

Adobe fixed 13 new vulnerabilities in Reader. Reader X, received at least 17 patches, all but two of them were pegged as being “critical” by Adobe.

The new bugs included buffer and heap overflow bugs, memory corruption vulnerabilities, a DLL load hijacking vulnerability, a cross-document scripting flaw, and one with the mysterious label of “security bypass” bug.

Adobe applied four patches to ancient Reader X flaws that it had not fixed before.