February 15, 2012
Google has released a new stable version, 17·0·963·56, of its Chrome browser, for Windows, Linux, Mac OS X, and Chrome Frame. The new release contains fixes for 13 security vulnerabilities, six of which Google rates as High severity. This release also includes a new version., 22.214.171.124, of the bundled Adobe Flash Player. More details on these changes are in the release announcement.
Windows and Mac users should get the new version via the built-in update mechanism. Linux users should get the updated package from their distributions’ repositories, using their standard package maintenance tools.
February 15, 2012
Adobe has released a new version, 126.96.36.199, of its Flash Player for Mac OS X, Windows, Linux, and Solaris. The new version fixes seven identified security vulnerabilities, one of which (a cross-site scripting bug) is currently being exploited. There is also a corresponding new version of FlashPlayer for Android. Adobe reports that the following versions of the software are affected by these vulnerabilities:
- Adobe Flash Player 188.8.131.52 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 184.108.40.206 and earlier versions for Android 4.x, and Adobe Flash Player 220.127.116.11 and earlier versions for Android 3.x and 2.x
Further details are available in the Security Bulletin [APSB12-03].
The new version for Windows, Mac OS X, Linux, and Solaris can be downloaded here. (Windows users should note that they may need two updates: one for Internet Explorer, and one for all other browsers.) Android user can get the new version from the Android Marketplace.
Because Flash Player is very widely installed, across multiple platforms, it is an attractive target for the maliciously inclined. I recommend that you update your system as soon as you conveniently can.