Security Alert (A15-10-04): Multiple Vulnerabilities in Adobe Flash Player
19 October 2015
Security updates are released for Adobe Flash Player to address multiple vulnerabilities caused by type confusion. A remote attacker could entice a targeted user to open a specially crafted web page, Flash file, or document that supports embedded Flash content to exploit the vulnerabilities.
Reports indicate that one of the vulnerabilities is being exploited in the wild through targeted attacks.
Adobe Flash Player for Windows and Macintosh 22.214.171.124, 126.96.36.199 and earlier versions
Adobe Flash Player for Linux 188.8.131.525 and earlier versions
A successful attack could lead to arbitrary code execution or potentially take control of the affected system.
Upgrade Adobe Flash Player to the following versions to address the issues. The upgrade can be obtained by using the auto-update mechanism or by downloading at the following URLs:
Adobe Flash Player 184.108.40.206 & 220.127.116.11 for Windows and Macintosh http://www.adobe.com/go/getflash http://www.adobe.com/products/players/flash-player-distribution.html http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html
Adobe Flash Player 18.104.22.168 for Chrome OS & 22.214.171.124 for Google Chrome http://googlechromereleases.blogspot.com/
Adobe Flash Player 126.96.36.1990 for Linux http://www.adobe.com/go/getflash
Currently, the new version of Adobe Flash Player 188.8.131.52 for Internet Explorer 10 and 11 on Windows 8 and 8.1 and for Microsoft Edge and Internet Explorer 11 on Windows 10 is still pending from the product vendor. Since the vulnerabilities could be exploited by simply viewing a malicious website, as an interim measure as well as security best practices, users are reminded not to visit suspicious websites, nor follow URL links from un-trusted sources or emails such as spam, and to keep the virus signature as well as detection and repair engine up-to-date.
If you have multiple browsers, you are required to perform the Adobe Flash Player upgrade for each browser, the Flash Player version can be checked at http://www.adobe.com/software/flash/about/