Adobe has released patches for a string of critical vulnerabilities in Flash on all of the major supported platforms, including Windows, Mac OS X and Android. The company is recommending that customers update their machines immediately.
The update to Flash fixes 12 vulnerabilities, including a number of memory corruption vulnerabilities, stack overflows and heap corruption bugs. All but one of the flaws could lead to remote code execution, and the remaining one which only affects Flash on Internet Explorer, could result in a cross-domain policy bypass.
“Critical vulnerabilities have been identified in Adobe Flash Player 126.96.36.199 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 188.8.131.52 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system,” the company said in its advisory.
Flash is one of the more widely deployed applications in the world, and it has become a frequent attack vector in recent years. Users who have Flash installed should update as soon as possible, and make sure to check for updates on all of the browsers installed on their machines. Android users can get the newest version of Flash for their devices by visiting the Android Market.