Adobe Patches Flash Player Security Vulnerabilities

Printer-friendly version Email this CRN article

Adobe on Tuesday released security updates for Flash Player to repair flaws the company said could potentially allow an attacker to take over an infected system.

Adobe said it is not aware of any exploits or attacks in the wild targeting the four Flash Player security vulnerabilities.

"These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system," Adobe's Product Security Incident Response Team said in a blog post announcing the Flash Player security updates.

[Related: Adobe Confirms Serious PDF Attack Bypassing Reader Protections]

The updates affect Flash Player 11.6.602.171 and earlier versions for Windows and Macintosh, Flash Player and earlier versions for Linux, Flash Player and earlier versions for Android 4.x, and Flash Player, and earlier versions for Android 3.x and 2.x.

Tuesday's patches come less than one month after Adobe released an update to fix two Flash Player flaws actively targeted in the wild. Adobe said attackers were trying to exploit the coding errors by tricking users into visiting malicious web pages.

Earlier in February, Adobe released two updates for Flash Player in less than a week. One of the updates repaired 17 Flash Player vulnerabilities.

Criminals have been targeting the ubiquitous Flash Player browser component, often using automated attack tool
kits designed to help build malicious websites that exploit vulnerabilities in the software to infect unsuspecting visitors with malware, security experts have said.

Apple recently announced that it is now blocking use of outdated Flash Player plug-ins in its Safari browser in an attempt to quash attacks targeting older versions of the software.


Printer-friendly version Email this CRN article

Get a roundup of CRN's security coverage right to your inbox with the Security Advisor newsletter.