Adobe Fills Hole in Flash, AIR

Wednesday, June 12, 2013 @ 01:06 PM gHale


Adobe closed only one hole on its June patch day, but it is an important hole.

The memory error, discovered and reported confidentially by Google’s security team, affects all versions of Flash Player and Adobe AIR. Attackers can potentially exploit the hole to gain control of systems.

RELATED STORIES
Adobe in Patch Mode
PDF Hole Used in APT Attacks
Reader PDF Tracking Bug
Adobe Patches Platforms

On a whole, bugs in Flash are the ultimate commodity with cyber-criminals and therefore users should update to the fixed version 11.7.700.224 as soon as possible. For Mac OS X, Adobe released an update to version 11.7.700.225, while the latest version under Linux is now 11.2.202.291. Users of Google Chrome or Internet Explorer 10 (under Windows 8) will automatically receive the Flash Player updates. Adobe has also updated Flash for Android, where the latest versions are now 11.1.115.63 for Android 4 and version 11.1.111.59 for older Android systems.

The fixed version of Adobe AIR for Windows and Android is Adobe AIR 3.7.0.2090, and version 3.7.0.2100 is the latest update for Mac OS X. Adobe has also patched the corresponding SDKs, the version numbers for which are identical.

The company warned those who use Flash version 10 that version 11.7.x will become the next Extended Support version when patch day comes round again. This means the just released security patches will be the last patches for version 10.



Leave a Reply

You must be logged in to post a comment.