AppsGood and EVO

Updated Flash Player 10.1 (version 10.1.92.10) for HTC EVO has security vulnerability

Evo-flash-update-si

G&E reader Todd wrote in to let us know that the latest version of Flash Player 10.1 for Android is now showing up in the Market for the HTC EVO 4G; however, my advice is to not install it. The higher version number (10.1.92.10) may be tempting—version 10.1.72.7 was included in the OTA Froyo update—but Adobe has issued a security advisory about a "critical vulnerability" that exists in this particular version of Flash Player for Android. This vulnerability "could cause a crash and potentially allow an attacker to take control of the affected system."

The issue can also be found in desktop versions of the plug-in as well as in other Adobe products. The company says Windows (as usual) is the main target, but the mere mention of Android in the advisory is enough reason for me to stick with the existing Flash Player. The chances of your EVO being targeted and/or affected by this vulnerability are probably very slim, but I'd rather err on the side of caution here, especially considering the accounts and information that can be found on an Android phone because of all the Google integration.

An update that fixes the problem is expected to be released during the last week of September.

[Adobe]
Pocketables does not accept targeted advertising, phony guest posts, paid reviews, etc. Help us keep this way with support on Patreon!
Become a patron at Patreon!

Jenn K. Lee

Jenn K. Lee is the founder of Pocketables. She loves gadgets the way most women love shoes and purses. The pieces in her tech wardrobe that go with everything are currently the Samsung Galaxy Note II, Sony Tablet P, and Nexus 7, but there are still a couple of vintage UMPCs/MIDs in the back of her closet.

More posts by Jenn | Subscribe to Jenn's posts

Avatar of Jenn K. Lee

9 thoughts on “Updated Flash Player 10.1 (version 10.1.92.10) for HTC EVO has security vulnerability

  • Avatar of Dan4G

    I was confused by this flaw because I thought it effects all versions including previous versions of Adobe flash, not just the new release.

    Reply
  • Avatar of NeoteriX

    The advisory says, “A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android.”

    So it looks like earlier versions for other OS’s but only the most recent version for Android Flash.

    Reply
  • Avatar of Daniel S.

    It amuses me that Adobe hasn’t, you know, PULLED THIS UPDATE knowing the vulnerability and all. I mean, its their software on the Market and all.

    Reply
  • Avatar of Brian B

    I just downloaded it first then visited your website. Should I be worried? What precautions should I take until the patch arrives?
    I’m on Mac OS X 10.6.4 and use G mail.
    Thanks,
    Brian B

    Reply
  • I’ve got 10.1.92.8. There’s no vulnerability with that one right?

    Reply
  • Avatar of Carl

    I also had the newest version. After reading this i uninstalled it. Should i be worried?

    Reply
  • Avatar of WRX7M

    I wish I had known this yesterday lol

    Reply
  • Avatar of patrick

    go to setting and applications>manage applications, adobe should be under download tab if you updated it, select it then click on remove updates and you will be back to original froyo version.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *