Highly critical is a rating for “remotely exploitable vulnerabilities that can lead to system compromise” that usually do not “require any interaction” and where exploits are already in the wild.

The Adobe Flash vulnerability that has been reported is affecting Adobe Flash Player 10.x and Adobe Flash Player 9.x.

A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to an unspecified error. No more information is currently available.

Successful exploitation allows execution of arbitrary code.

The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.

NOTE: The vulnerability is reportedly being actively exploited.

The release candidate of the upcoming Adobe Flash Player 10.1 does not seem to be affected by the vulnerability according to the information at the Secunia website.

Users who want to protect their computer system from being exploited by the vulnerability can either disable Adobe Flash for the time being or update to the Adobe Flash Player 10.1 Release Candidate. Additional information about the vulnerability are posted in a Security Bulletin at the Adobe website.

The Adobe Reader and Adobe Acrobat vulnerability might be related to the Adobe Flash vulnerability. The Secunia Advisory lists Adobe Reader 9 versions for Windows, Macintosh and Linux as affected by the vulnerability.

The vulnerability is caused due to a vulnerable bundled version of Flash Player (authplay.dll).Successful exploitation allows execution of arbitrary code.

The vulnerability is reported in version 9.3.2 and earlier 9.x versions for Windows, Macintosh, and UNIX.

NOTE: The vulnerability is currently being actively exploited.

The temporary solution to protect the computer system from the exploits is to delete, rename or remove access to autoplay.dll to prevent Flash content from being executed in Adobe Reader and Acrobat.

Apple Mac and Unix systems are affected by the vulnerability as well but the exploit that is currently in the wild is only affecting Windows. Adobe suggests to enable UAC in Windows Vista (and Windows 7). Windows XP users should consider moving or deleting authplay.dll to protect their computer system from the threat against Adobe Reader and Acrobat “but users will experience a non-exploitable crash or error message when opening a PDF that contains SWF content”.

An alternative would be to uninstall Adobe Reader or Acrobat and install one of the available third party pdf readers like Foxit Reader or Sumatra.

Adobe does not offer any advise on the Flash Player vulnerability. The only viable option seems to be to disable or even uninstall Flash and wait for the patch which is expected to be released on July 30 and July 31.