Adobe has released patches for 11 critical security vulnerabilities in Flash Player. This Thursday, all the latest patch fixes were released for the Adobe Flash Player. According to the software giant, there was much vulnerability that could allow an attacker to gain control over an affected system. Hence, patches were promptly released for the Windows, Mac and Linux operating systems. There are certain primary issues that were addressed with the latest patch releases. They are as follows:-
- Issues that affect Adobe Flash Player runtime for Windows and Mac.
- Issues affecting The Adobe Flash Player Extended Support Release.
- Problems affecting Adobe Flash Player for Linux and Flash Player installed with Google Chrome and Internet Explorer
These patches also deal with memory corruptions along with type confusion vulnerabilities which could be responsible for remote code execution. The vulnerabilities which could result in the bypass of cross-domain policies have also been addressed by this release. The additional updates fix a vulnerability associated with integer overflow. Similarly, it also addresses use-after-free vulnerabilities that could again lead to remote code execution.
Adobe has highly recommended that users update their products to the latest released versions. In the meantime, the users for Windows and Mac related Adobe Flash Player desktop runtime should promptly update to Adobe Flash Player 17.0.0.134. The users of Adobe Flash Player Extended Support Release should install the Adobe Flash Player 13.0.0.277 update. At the same time, the users for Adobe Flash Player for Linux need to update to the Adobe Flash Player 11.2.202.451 version.
An automatic update will be released to version 17.0.0.134 for Google Chrome users who have the Flash Player enabled. The users of Internet Explorer on Windows 8.x will also see a similar update. The latest security patch addresses issues related to Adobe Flash Player version 16.0.0.305 along with other previous versions. It will also affect the 13.0.0.269, 11.2.202.442 and both earlier 11.x and 13.x versions.
Credits were given out by Adobe in the security bulletin to Google Project Zero researchers, HP’s Zero Day Initiative team, the NCC Group Intel Labs and McAfee Labs, and the Chromium vulnerability reward program. Last Tuesday, Microsoft also released over 12 security updates which fix issues related to Microsoft Text Services, older Windows OS versions, Internet Explorer and Microsoft Office vulnerabilities.