Adobe issues critical Flash Player update

Critical flaws can be exploited by attackers to take complete control of a victim's machine, the software giant said in an advisory.

Adobe has issued a critical update to Flash Player, repairing three vulnerabilities in the widely used software that it says could cause a crash and potentially allow an attacker to take control of an affected system.

The Adobe Flash Player update affects users of Windows, Macintosh, Linux and Android smartphones. Users of Adobe Air on Windows and Macintosh are also impacted by the update, Adobe said.

"Adobe is not aware of any exploits or attacks in the wild for any of the issues addressed in this update," the software maker said in its advisory.

Users of Adobe Flash Player on Windows are especially at risk, Adobe said. The company gave Flash Player on Windows its highest priority rating, urging users to upgrade quickly.

Adobe acknowledged several researchers for finding the coding errors, including Mateusz Jurczyk, Gynvael Coldwind and Tavis Ormandy and Fermin Serna of the Google Security Team and an anonymous contributor through the HP-TippingPoint Zero-Day Initiative.

ColdFusion 10 hotfix

Adobe has released a security hotfix for ColdFusion 10 and early for users of the software on Windows, Macintosh and UNIX systems. "This hotfix resolves a vulnerability which could result in a sandbox permissions violation in a shared hosting environment," Adobe said in its advisory.

The ColdFusion 10 update, which repairs a single vulnerability, is rated Important.

Dig deeper on Web Application and Web 2.0 Threats

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close