Security Alert (A16-05-04): Multiple Vulnerabilities in Adobe Flash Player
13 May 2016
Security updates are released for Adobe Flash Player to address multiple vulnerabilities caused by type confusion, use-after-free problem, heap buffer overflow, memory corruption and directory search path errors. A remote attacker could entice a targeted user to open a specially crafted web page, Flash file, or document that supports embedded Flash content to exploit the vulnerabilities.
It is reported that the vulnerability CVE-2016-4117 is being actively exploited.
Adobe Flash Player for Windows and Macintosh 22.214.171.1243, 126.96.36.199 and earlier versions
Adobe Flash Player for Google Chrome 188.8.131.52 and earlier versions
Adobe Flash Player for Internet Explorer 11 and Microsoft Edge 184.108.40.206 and earlier versions
Adobe Flash Player for Linux 220.127.116.116 and earlier versions
AIR Desktop Runtime 18.104.22.168 and earlier versions
AIR SDK & Complier 22.214.171.124 and earlier versions
A successful attack could lead to arbitrary code execution.
Upgrade Adobe Flash Player to the following versions to address the issues. The upgrade can be obtained by using the auto-update mechanism or by downloading at the following URLs:
Adobe Flash Player 126.96.36.1992, 188.8.131.52 for Windows and Macintosh http://www.adobe.com/go/getflash http://www.adobe.com/products/players/flash-player-distribution.html http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html
Adobe Flash Player 184.108.40.206 for Google Chrome http://googlechromereleases.blogspot.com/
Adobe Flash Player 220.127.116.11 for Microsoft Edge and Internet Explorer 11 Available via Windows Update
Adobe Flash Player 18.104.22.1681 for Linux http://www.adobe.com/go/getflash
AIR Desktop Runtime 22.214.171.124 http://get.adobe.com/air/
AIR SDK, SDK & Complier 126.96.36.199 http://www.adobe.com/devnet/air/air-sdk-download.html
If you have multiple browsers, you are required to perform the Adobe Flash Player upgrade for each browser, the Flash Player version can be checked at http://www.adobe.com/software/flash/about/