ADOBE HAS ISSUED an update to its Flash Player across all version for Windows, Mac, and Linux, patching six vulnerabilities.
The bugs affect Flash Player versions 22.214.171.124 and earlier for Microsoft Windows and Apple Mac OS X and versions 126.96.36.1999 and earlier for Linux, though the firm gave Flash Player on Windows and Macintosh the most attention because the bug lets attackers execute code without the user being aware.
The firm failed to mention anything else about the vulnerabilities in its advisory, other than that they "could potentially allow an attacker to take control of the affected system". The new version of Flash Player for Windows and Mac is 188.8.131.52. The new Linux version is 184.108.40.2068.
"Adobe's Flash player has a critical update and since attacker's frequently use Adobe Flash as their tool of choice we recommend installing APSB14-16 next," said security firm Qualys CTO Wolfgang Kandek. "It is rated critical by Adobe for Windows and Mac. Windows XP users will remain exposed as Adobe is not testing and distributing this update for [Windows] XP anymore."
The firm also updated its AIR and AIR SDK products along with the Flash Player release on Tuesday, patching a number of issues in AIR such as one introduced in version 220.127.116.110 where DatagramSocket was not receiving packets (3747382).
Windows, Mac, and Linux users can download the update at Adobe's website. Google Chrome users on all platforms that have Flash embedded will receive their update as part of a Chrome update, Adobe said.
Microsoft Windows 8 and Windows RT users will receive updates for the Flash Player embedded in their Modern UI Internet Explorer (IE) 10 and 11 through Microsoft Windows Update.
Adobe is expected to launch a new version of its Creative Cloud suite later this month, so be sure to check back for our coverage. µ
It's time for our regular two-step through the Google news
Bug bounty offer: accepted