Adobe Fixes 12 Critical Flaws in Flash

Adobe has released patches for a string of critical vulnerabilities in Flash on all of the major supported platforms, including Windows, Mac OS X and Android. The company is recommending that customers update their machines immediately.

Adobe flash patchAdobe has released patches for a string of critical vulnerabilities in Flash on all of the major supported platforms, including Windows, Mac OS X and Android. The company is recommending that customers update their machines immediately.

The update to Flash fixes 12 vulnerabilities, including a number of memory corruption vulnerabilities, stack overflows and heap corruption bugs. All but one of the flaws could lead to remote code execution, and the remaining one which only affects Flash on Internet Explorer, could result in a cross-domain policy bypass.

“Critical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 11.0.1.153 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system,” the company said in its advisory.

Flash is one of the more widely deployed applications in the world, and it has become a frequent attack vector in recent years. Users who have Flash installed should update as soon as possible, and make sure to check for updates on all of the browsers installed on their machines. Android users can get the newest version of Flash for their devices by visiting the Android Market.

Suggested articles

Discussion

  • Gordon on

    My patch protocol much simpler-simply dumped Flash nearly a year ago. And yet, I continue to live.

  • simon on

    thanks for that prog

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.