Flash Player update plugs security vulnerability
By means of a silent update to version 9.0.28.0 on 14th November, Flash manufacturer Adobe (formally Macromedia) has fixed a bug which could be utilised by an attacker using prepared flash files on websites to manipulate http headers or to carry out http request splitting attacks. Installation of the update prevents hackers from utilising this vulnerability to disable internet applications or infiltrate commands into such applications.
An info page is available to determine which version of the Flash Player is installed. Adobe provides information on Flash security on an FAQ page.
(ehe)