More updates for six serious Adobe Flash flaws

Hot off the heels of last week’s Flash Player patch, Adobe has released more updates for six critical Flash Player flaws affecting Windows, Macs, Linux and Android systems.

The scheduled update follows a patch it released last week for a Flash Player flaw that was being used in attacks on Windows targets. Mac and Windows users that updated to version 11.3.300.271 last week should updated to version 11.4.402.265 from today.

Linux machines running Flash Player that did not update version 11.2.202.236 to 11.1.202.238 last week are being advised again to do that today, while Flash Player in Chrome will be automatically updated with the latest browser version. Flash Player for all Android versions should also be updated to the latest version.

Adobe is also advising Adobe AIR users to install the latest update.

“These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system,” said Adobe’s bulletin. It said it was not aware of any of the flaws being exploited.

Users can check which version of Flash Player each browser is using here.

Adobe gave the Windows Flash Player update a priority rating of one because of the higher likelihood it would be targeted. Adobe advises administrators to install this update ideally within three days.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Comments

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Sophos SafeGuard Enterprise

Your central key for data protection

more »

Submit your own security event

Submit your training courses

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.

Read More
more »