Adobe Patches Flash Player, AIR

Friday, June 13, 2014 @ 01:06 PM gHale


Adobe updated Flash Player for Windows, Mac OS X and Linux to fix six vulnerabilities.

Adobe Flash Player for Windows and Adobe Flash Player for Mac OS X updated to version 14.0.0.125, and Adobe is advising users of 13.0.0.214 and earlier releases to update their installations. Adobe recommended Linux users to update to version 11.2.202.378.

RELATED STORIES
Adobe Fixes 18 Vulnerabilities
Adobe Fixes Flash Zero Day
After False Start, Apache Struts Fixed
DoS Risk with Apache Tomcat Servers

Adobe Flash Player installed with Google Chrome, Internet Explorer 10 and Internet Explorer 11 updates automatically, the company said.

Additionally, Adobe AIR, Adobe AIR SDK and Compiler, and Adobe AIR SDK updated to version 14.0.0.110. The security updates for these applications have a priority rating of 3, just like the update for the Linux version of Adobe Flash Player.

The Adobe Flash Player updates for the Windows and Mac OS X versions have a priority 1 rating, which according to Adobe, indicates they fix “vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform.”

The vulnerabilities fixed in the latest versions of Adobe Flash Player are:
• CVE-2014-0531, CVE-2014-0532, CVE-2014-0533: Cross-site-scripting vulnerabilities reported to Adobe by Erling Ellingsen of Facebook
• CVE-2014-0534: Security bypass vulnerability reported by Masato Kinugawa
• CVE-2014-0535: Security bypass issue reported to Adobe by Bas Venis
• CVE-2014-0536: Memory corruption vulnerability that could result in arbitrary code execution, reported by Leong Wai-Meng of Trend Micro

Users can follow the online instructions to verify the version of Adobe AIR installed on a system.



Leave a Reply

You must be logged in to post a comment.