Adobe’s Flash Player continues to be a problematic software and the company tries hard to keep everything under control by releasing new security updates that address critical vulnerabilities that could allow hackers to take control of the affected system. The latest update is available for Windows, Macintosh, Linux and Chrome OS and it arrived in the same day as Microsoft’s Patch Tuesday.
Version 23.0.0.205 and earlier of Adobe Flash Player for desktop has affected Windows, and Mac platforms, as well as Chrome, Edge and Internet Explorer 11 on Windows 10 and 8.1, while
and the developers had to patch nine code execution flaws reported out of Trend Micro’s Zero Day Initiative: CVE-2016-7857, CVE-2016-7858, CVE-2016-7859, CVE-2016-7860, CVE-2016-7861, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864 and CVE-2016-7865. Six of them were use-after-free vulnerabilities, while the other three were type confusion flaws.
Adobe didn’t provide any change-log for the new Adobe Flash Player 23.0.0.207, but users are advised to download it as soon as possible. Users of the Adobe Flash Player Desktop Runtime for Windows and Macintosh will manually update to version 23.0.0.207 via the update mechanism within the product or they will visit the Adobe Flash Player Download Center and get the update from there.
The latest version of Adobe Flash Player for Linux is 11.2.202.644 and users will download it via the Adobe Flash Player Download Center. As for Google Chrome, the browser has Adobe Flash Player installed with it and it’s automatically updated to the latest version, no matter if it’s for Windows, Macintosh, Linux or Chrome OS. The same thing goes for Adobe Flash Player installed with Microsoft Edge and Internet Explorer 11 for Windows 10 and 8.1.
Adobe has also released a patch Adobe Connect on Windows, and the new 9.5.7 version has fixed an input validation vulnerability in the events registration module that could have been exploited in cross-site scripting attacks.
Leave a Reply