Adobe Has Another Flash Update

Adobe has an updated Flash Player 9.0.28.0 that patches a security bug that affects Flash Player 7.x, 8.x, and 9.x. The bug lets remote attackers modify HTTP headers which could then lead to HTTP Request Splitting attacks. Users of Flash Player 7-9 should get the latest player at http://www.adobe.com/go/getflashplayer. Note that Microsoft also issued a security bulletin on the same day about Flash Player -- but this bulletin was about a bug in Flash Player 6, a bug fixed by Adobe two months earlier.