Adobe Systems has released a new version of its Flash Player, version 10.1.102.64, which addresses the vulnerability (CVE 2010-3654) that was the subject of an Adobe Security Advisory [APSA 10-05], and which I have posted about recently. (Note, however, that this does not fix the similar vulnerabilities in Adobe’s Reader and Acrobat.) In addition to this critical flaw, the update fixes seventeen other vulnerabilities of varying severity. More information on the flaws fixed is given in the Security Bulletin [APSB 10-26], released along with the updates. This update applies to all platforms (Windows, Mac OS X, Solaris, and Linux) with the exception of Android, which Adobe plans to update next week.
Installation packages can be downloaded from the Flash Player download page; Windows users can also use the update mechanism built into the software. Windows users should note that there are two versions of the player: one for Internet Explorer, and one for other browsers, soo you may need to install two updates.
Because of its security content, I recommend that you install this update as soon as you conveniently can.
Update Friday, 5 November, 14:46 EDT
The good folks at the SANS Internet Storm Center have posted a diary entry with a handy summary table, to make it a bit easier to keep up with the state of Adobe’s patches.