News Stay informed about the latest enterprise technology news and product updates.

Adobe Flash Player security update fixes flaws, issues Firefox shield

Adobe repaired seven dangerous vulnerabilities in its latest Flash Player update and added sandboxing protection for Firefox and Mac users.

Adobe Systems Inc. rolled out a Flash Player security update, fixing seven serious vulnerabilities in the ubiquitous...

application, while adding support for a protection feature designed to safeguard users from malware infections.

Adobe said in its advisory that the latest version, Flash Player 11.3, fixes flaws that could cause a crash and potentially allow an attacker to take control of the affected system.The update is available for users of Windows, Mac, Linux and Google Android platforms. Adobe AIR patches are also available for Adobe Air running on Windows, Mac and Android.

Sandboxing protection for Mac, Firefox users
Adobe is adding Protected Mode support for users of its Flash Player component in Mozilla Firefox. Protected Mode adds a container to Firefox, isolating it from accessing sensitive resources. The protection makes it difficult for attackers to use Flash Player to gain access to a user’s system. Users have been testing the beta version of Flash Player sandboxing support for Firefox since February. The software maker also produces a sandbox version of Flash Player for the Chrome browser.

Security researchers have demonstrated that sandboxing isn’t a silver bullet. If an attacker attempts to exploit a vulnerability in Flash Player on Firefox, they would then have to design a second attack to attempt to break out of the sandbox and onto the victim’s machine.

“Flash Player Protected Mode for Firefox is another step in our efforts to raise the cost for attackers seeking to leverage a Flash Player bug in a working exploit that harms end users,” said Brad Arkin, senior director of product security and privacy in a blog post describing the new Flash Player protection.

Protected Mode for Adobe Reader was introduced in 2010.

Adobe also added support for a feature added to Mac OS X Mountain Lion called Gatekeeper, which can check for signs that an attacker is tampering with Flash Player. Arkin said the support for Gatekeeper ensures users aren’t downloading a phishing link containing a malicious version of Flash Player. The new auto update feature support for Mac users’ checks for updates hourly. The background updater can download and install the update without interrupting the end user’s session with a prompt,” Arkin wrote.

Dig Deeper on Web application and API security best practices

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.