Showing posts with label flash player. Show all posts
Showing posts with label flash player. Show all posts

Tuesday, February 26, 2013

Adobe Patches Flash Again to Protect FireFox Users Against Malware Attacks

Adobe Flash PlayerAdobe has released yet another emergency patch for Flash Player to fix three vulnerabilities, two of which cybercriminals are actively exploiting in attacks that target Firefox users.

The attacks are designed to trick users into clicking links pointing to a website rigged with malicious Flash (SWF) content. Adobe warns that the two vulnerabilities exploited in these attacks, CVE-2013-0643 (permissions issue with Flash Player Firefox sandbox) & CVE-2013-0648 (bug in ExternalInterface ActionScript feature) could allow an attacker to crash and take control of the affected system.

The third vulnerability, CVE-2013-0504 (buffer overflow) isn’t listed as a vulnerability actively being used in attacks, but it “can be used to execute malicious code.”

Naturally, Adobe recommends that users update their Flash Player to the latest version, regardless of their operating system or browser of choice.

Affected Flash Player Versions


Users can check what version of Flash Player they have installed by right-clicking on content running in Flash Player and selecting the 'About Adobe Flash Player' from the menu, or by visiting the About Flash Player page.

  • Adobe Flash Player 11.6.602.168 and earlier versions for Windows

  • Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh

  • Adobe Flash Player 11.2.202.270  and earlier versions for Linux


New Flash Player Versions


Users can visit the Flash Player Download Center to download the latest version.

After updating their system, users should be running the following version of Flash Player:

  • Adobe Flash Player 11.6.602.171 (Windows & Mac)

  • Adobe Flash Player 11.2.202.273 (Linux)


[via Adobe Security Bulletin]

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+
Posted by at No comments:
Labels: , , , , , , , , ,

Friday, May 4, 2012

Adobe Issues Patch for Flash Player Security Flaw Actively Being Exploited in Targeted Attacks

Adobe Flash PlayerTake a moment to update Adobe Flash today, folks.

Adobe has released important security updates for Adobe Flash Player to plug an object confusion vulnerability that could allow an attacker to crash the application and take control of the affected system.

Adobe warns that the security flaw is actively being exploited in targeted attacks against Flash Player on Internet Explorer for Windows.  The attacks are email-based and involve tricking the user into clicking on malicious files delivered in email messages.

Although the attacks target Flash Player for Internet Explorer on Windows, Adobe recommends that all Windows, OS X and Linux users update to Flash Player 11.2.202.235, Android  4.x users update to Flash Player 11.1.115.8, and Android 3.x and earlier update to Flash Player 11.1.111.9 since the vulnerability exists in previous Flash Player versions for those platforms as well.

Check What Version of Flash Player You Have


Users can check what version of Flash Player they currently have installed by:

  1. Visiting the Adobe Flash Player page, or

  2. Right-clicking on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu.


You will have to check the version for each separate browser if you didn’t opt for automatic silent updates (Google Chrome was updated automatically, so no user interaction is required). Keep in mind that the silent updates are only available for Windows at this time.

It is strongly recommended that Windows users update Flash Player immediately.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.
Posted by at No comments:
Labels: , , , , , ,

Thursday, March 29, 2012

Adobe Updates Flash Player to Patch 2 Vulnerabilities, Adds New Automatic Update Option

Adobe Flash PlayerIt’s time to update Adobe Flash again!

On Wednesday, Adobe released an update that not only fixed 2 critical vulnerabilities, but finally offers an automatic update option to make it easier to apply updates across multiple browsers.

The patch addresses 2 memory corruption vulnerabilities (CVE-2012-0772 & CVE-2012-0773) within Flash Player 11.1.102.63 and earlier versions for Windows, Mac, Linux and Solaris along with Flash Player 11.1.111.7 and earlier builds for Android 3.x/2.x that Adobe warns could cause a crash and allow remote code execution by an attacker.

Adobe recommends that Windows, Mac and Linux users visit the Adobe Flash Player Download Center to update to Flash Player 11.2.202.228. Solaris users are also advised to visit the download center to update to Flash Player 11.2.202.223.

Android 2.x and 3.x users should update to Flash Player 11.1.111.8 via Google Play Store.

In regards to the new automatic update options, Adobe explains that once you’ve successfully installed Adobe Flash Player 11.2 you will be presented with a dialog box to select your update method of choice:

  • Install updates automatically when available (recommended)

  • Notify me when updates are available

  • Never check for updates (not recommended)


By the way, the new background update feature is currently only available for Windows users (XP and newer). The automatic update feature for Mac is currently under development and should be available soon.

In the even that you have no idea what version of Flash Player you have installed, you can always go here to find out.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.
Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Posts (Atom)