Adobe Updates Flash Player

Thursday, March 13, 2014 @ 06:03 PM gHale


Adobe released updates for Flash Player 12.0.0.70 for Windows and Mac, and Flash Player 11.2.202.341 for Linux to address security holes.

The company advises all users of Adobe Flash Player 12.0.0.70 and earlier versions for Windows and Mac to update their installations to version 12.0.0.77. Linux users who still utilize version 11.2.202.341 and earlier should update to Flash Player 11.2.202.346.

RELATED STORIES
Adobe Patches Shockwave
IE Leads Patch Tuesday Fixes
Exploit for Patched Flash Bug
Exploit for Patched Flash Bug

The updates address two vulnerabilities. The first one has the CVE identifier CVE-2014-0503 and it refers to a flaw that could end up exploited to bypass the same origin policy. The second issue, CVE-2014-0504, could allow attackers to read the contents of the clipboard.

The same origin policy bypass vulnerability ended up discovered by Masato Kinugawa. The other security hole by Jordan Milne.

Adobe said Flash Player 12.0.0.70 installed with Chrome, Internet Explorer 10 and Internet Explorer 11 will update automatically to the latest version.

Flash Player vulnerabilities often end up leveraged by bad guys in their operations. Last month, Adobe released an emergency update to fix a Zero Day exploit.



Leave a Reply

You must be logged in to post a comment.