Adobe Flash Player Security Update

Adobe today released new versions of its Flash Player for Windows, Mac OS X, Android, and Linux systems.  According to Adobe’s Security Bulletin [APSB13-01], the updates address a critical vulnerability in the software:

These updates address a vulnerability that could cause a crash and potentially allow an attacker to take control of the affected system

The following versions of the software are affected:

  • Adobe Flash Player 11.5.502.135 and earlier versions for Windows
  • Adobe Flash Player 11.5.502.136 and earlier versions for Macintosh
  • Adobe Flash Player 11.2.202.258 and earlier versions for Linux
  • Adobe Flash Player 11.1.115.34 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.29 and earlier versions for Android 3.x and 2.x
  • Adobe AIR 3.5.0.880 and earlier versions for Windows, Adobe AIR 3.5.0.890 and earlier versions for Macintosh and Adobe AIR 3.5.0.880 for Android
  • Adobe AIR 3.5.0.880 SDK and Adobe AIR 3.5.0.890 SDK

For Mac OS X, Linux, or Windows systems, you can check the version of Flash Player that you are using by visiting Adobe’s About Flash Player page.

The new versions are 11.5.502.146, for Windows and Mac systems, and 11.2.202.261 for Linux systems.  (Adobe is no longer providing new Linux versions of Flash Player, but it is still releasing security updates.)   Please see the Security Bulletin for information on Android versions.

Flash Player has always been an attractive target for the Bad Guys, because it is so widely installed across platforms.  Although I have not seen any reports of exploits “in the wild”, I do recommend that you update your systems as soon as you conveniently can.

Windows users who have the silent update option enabled should receive the new version automatically.  Windows or Mac OS X users can get the update using the update mechanism built into the software.  Alternatively, the new version for Windows, Linux, and Mac OS X is available from Adobe’s download page.  Windows users should remember that they may need two updates: one for Internet Explorer, and one for any other browser(s) you may use.

Google’s Chrome browser comes with a bundled version of Flash Player.  Although I have not yet seen a release announcement from Google, I expect that we will get a new version of Chrome fairly soon.  I’ll post a note when I see the announcement.

One Response to Adobe Flash Player Security Update

  1. […] as High severity.  As expected, the Flash Player bundled with the new release also incorporates the security fixes that Adobe released earlier this […]

%d bloggers like this: