Last week, Adobe issued a Security Advisory about a new critical vulnerability in its Flash Player; Adobe’s AIR product is also affected. The company has now, as promised released a new version of the player, 10.2.153.1, for Windows, Mac OS X, Linux, and Solaris systems that incorporates a fix for the vulnerability. A new version of AIR, 2.6, has also been released. The complete list of affected software versions, according to Adobe, is:
- Adobe Flash Player 10.2.152.33 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 10.2.154.18 and earlier for Chrome users
- Adobe Flash Player 10.1.106.16 and earlier for Android
- Adobe AIR 2.5.1 and earlier for Windows, Macintosh and Linux
More details are available in th updated Security Bulletin [APSB 11-05].
Updated versions of Flash Player can be downloaded from the Adobe download page. Windows users can, alternatively, use th update mechanism built into the package. Windows users should also note that they may need two updates: one for Internet Explorer, and one for all other borwsers. The Google Chrome browser comes with the Flash Player included; Chrome users should be sure that they have at least version 10.0.648.134. (Google released this version, and the later 10.0.648.151, last week.) Android users can get the new version from the Android Marketplace.
Users of the AIR package can download the new version here.
Because of its security content, I recommend that you install this update as soon as you conveniently can.