Adobe Fixes Flash Issues

Friday, August 11, 2017 @ 04:08 PM gHale

Adobe cleared multiple security vulnerabilities this month including vital patches for Flash player.

The vulnerabilities affected products including Adobe Flash Player Desktop Runtime for versions and earlier, Adobe Flash Player for Google Chrome version and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 11 versions and earlier.

Adobe to Drop Flash Player
Adobe Releases Updated Flash Player
Adobe Fixes Product Vulnerabilities
Adobe Patches Multiple Vulnerabilities

Flash player updates were for Windows, Macintosh, Linux and Chrome OS and addressed a critical type confusion vulnerability that could lead to code execution, and a security bypass vulnerability that could lead to information disclosure, according to the Tuesday Security Bulletin.

Adobe unveiled last month it was planning to discontinue Flash at the end of 2020.

The update also included patches for Adobe Experience Manager including two moderate vulnerabilities that could result in an information disclosure and one important vulnerability that could result in arbitrary code execution attacks.

Adobe also addressed critical and important vulnerabilities in Adobe Acrobat and Reader, all of which could result in either a remote execution or information disclosure.

Those issues come from memory corruption, use after free bugs, heap overflow, security bypass, type confusion flaws and one insufficient verification of data authentication flaw.

In Adobe Digital Editions, the update patched two critical flaws and one important flaw which could result in remote code execution, information disclosure, and memory address disclosure, respectively.

The two critical flaws respectively stemmed from a buffer overflow and XML External Entity Parsing while the final flaw stemmed from memory corruption.

Adobe recommends users patch their systems as soon as possible.

Leave a Reply

You must be logged in to post a comment.