Your one-stop web resource providing safety and security information to manufacturers

Adobe released the second update for its Flash Player software in a week, this time for six critical vulnerabilities.

Four of the issues addressed are problems with memory corruption that could lead to remote code execution; additionally, the update fixes an integer overflow vulnerability that could also lead to remote code execution. Another fixed bug was a cross-domain information leak.

Adobe Patches Holes, More Flaws Exist
Critical Holes in Reader, Acrobat
Study: Users Slow on Browser Updates
Police Virus Malware Growing

The problems exist in Flash Player 11.3.300.271 and earlier versions on Windows, Macintosh and Linux, and in the Android versions (Android 4.0) and (Android 3.x and 2.x) and earlier.

Adobe rated all six vulnerabilities as critical. The company’s security bulletin does not contain any detailed information about the flaws. Users should update their version of Flash as soon as possible, the company said.

Cyber Security

Adobe released Flash Player 11.4.402.265 for Windows and Mac OS X, version for Linux and Flash Player and for Android. The Android updates are only available to devices that had Flash Player installed before August 15 when Adobe stopped making Flash for Android available. As Flash is the basis of Adobe’s AIR, it also updated to version

Windows, Mac OS X and Linux users can get the update appropriate for their system from the Flash Player Download Center or for a different system through another page on Adobe’s web site. The users of Google’s Chrome browser will automatically get an update to the latest version of the Flash Player component, which is included in version 21.0.1180.81 of Chrome for Linux, 21.0.1180.83 for Windows and 21.0.1180.82 for Mac OS X.

The latest Flash update comes a week after Adobe fixed several other vulnerabilities in its Flash Player and Adobe Reader software. Several vulnerabilities in Adobe Reader remain unpatched.

Pin It on Pinterest

Share This