Technology News

latest updates from easySERVICE™

Adobe’s latest security update includes patches for vulnerabilities which allow remote code execution.

adobe-logo

Adobe has issued patches for security vulnerabilities in Flash Player — 11 of which are deemed critical.

On Thursday, Adobe issued its latest set of security updates for the Adobe Flash Player. The updates for Windows, Mac and Linux users address “vulnerabilities that could potentially allow an attacker to take control of the affected system,” according to the software giant.

The security update fixes issues affecting Adobe Flash Player desktop runtime for Windows and Mac, the Adobe Flash Player Extended Support Release, Adobe Flash Player for Linux and Flash Player installed with IE and Google Chrome.

The patches solve memory corruption vulnerabilities and type confusion vulnerabilities which could lead to remote code execution, vulnerabilities which could cause the bypass of cross-domain policies, as well as security issues which allow the circumvention of file upload restriction. In addition, other updates fix an integer overflow vulnerability and use-after-free vulnerabilities which could lead to remote code execution.

Adobe recommends that users update their products to the latest versions. Windows and Mac users of the Adobe Flash Player desktop runtime should update to Adobe Flash Player 17.0.0.134, users of the Adobe Flash Player Extended Support Release should update to Adobe Flash Player 13.0.0.277, and users of the Adobe Flash Player for Linux need to update to Adobe Flash Player 11.2.202.451.

Google Chrome users with Flash Player enabled, as well as users of Internet Explorer on Windows 8.x with the software will see an automatic update to version 17.0.0.134.

Adobe Flash Player version 16.0.0.305 and previous versions, as well as 13.0.0.269, 11.2.202.442 and both earlier 11.x and 13.x are affected by the latest security patch.

Within the security bulletin, Adobe has given credit to Google Project Zero researchers, Intel Labs and McAfee Labs, HP’s Zero Day Initiative team, the NCC Group and the Chromium vulnerability reward program.

Source: Associated Press

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Information

This entry was posted on March 13, 2015 by in Adobe and tagged , , .
%d bloggers like this: