Security Updates for Flash Player

Adobe has released security updates for its Flash Player software that address a number of critical security vulnerabilities.  According to the Security Bulletin [APSB12-22], the affected versions of the software are:

  • Adobe Flash Player 11.4.402.278 and earlier versions for Windows
  • Adobe Flash Player 11.4.402.265 and earlier versions for Macintosh
  • Adobe Flash Player 11.2.202.238 and earlier versions for Linux
  • Adobe Flash Player 11.1.115.17 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.16 and earlier versions for Android 3.x and 2.x

(The Adobe AIR software is also affected; please see the Security Bulletin for details.)  Adobe has identified 25 vulnerabilities fixed in this release.  Of these, 14 involve buffer overflows, and 11 involve memory corruption bugs.

The updated software has the following new version numbers:

  • Windows and Mac OS X:  11.4.402.287
  • Linux: 11.2.202.243
  • Android 4.x: 11.1.115.20
  • Android 2.x, 3.x: 11.1.111.119

Google will presumably release a new version of the Chrome browser to update the bundled Flash Player.  For new AIR version numbers, please see the Security Bulletin.

Because Flash Player is so widely installed across different platforms, it is a tempting target; I recommend that you update your systems as soon as you conveniently can.  Windows and Mac users can get the new version using the update mechanism built into the product; alternatively, you can get the new version from the Flash Player download center.  Windows users should remember that they may need two updates: one for the Internet Explorer plugin, and one for any other browsers they may have.

One Response to Security Updates for Flash Player

  1. […] security vulnerabilities, one of which is rated Critical.   The new version also includes the new version of Adobe’s Flash Player, released earlier today.  Further details are given in the Release […]

%d bloggers like this: