The official word is out, Adobe has announced that there is a critical vulnerability found in the flash player 9 and 10. Adobe is working on providing a fast update.

A critical vulnerability exists in the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) for Windows, Macintosh and Linux operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2009-1862) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows.

We are in the process of developing a fix for the issue, and expect to provide an update for Flash Player v9 and v10 for Windows, Macintosh, and Linux by July 30, 2009 (the date for Flash Player v9 and v10 for Solaris is still pending). We expect to provide an update for Adobe Reader and Acrobat v9.1.2 for Windows, Macintosh and UNIX by July 31, 2009.

- Adobe http://www.adobe.com/support/security/advisories/apsa09-03.html

I don’t know how many people have been affected by this problem, but it looks as if Adobe is taking the vulnerability seriously and a resolution should follow soon.

- Josh Chernoff.