Menu
Adobe patches remote code execution and keylogging flaws in Flash Player

Adobe patches remote code execution and keylogging flaws in Flash Player

Some of the vulnerabilities allow attackers to take full control of users' systems

Adobe Systems fixed nine vulnerabilities in Flash Player that allow attackers to record users' keystrokes or take complete control of their computers.

These are Flash Player updates you'll want to install, unlike the malicious one served from the North Korean news agency site.

The updates, Flash Player 16.0.0.257 for Windows and Mac and Flash Player 11.2.202.429 for Linux, address seven remote code execution vulnerabilities, an information disclosure flaw that can be exploited to capture keystrokes and a lower-risk file validation issue.

The company also included the fixes in its Flash Player Extended Support Release (ESR), an older Flash Player version used by organizations that prefer stability over new functionality. The updated ESR version is 13.0.0.260.

Users of Google Chrome and Internet Explorer on Windows 8 or 8.1 will automatically receive the Flash Player updates through the update mechanisms of those browsers.

Adobe AIR, a framework for developing and running rich Internet applications, has also been updated because it bundles Flash Player. The AIR desktop runtime was updated to version 16.0.0.245, the AIR SDK (Software Development Kit) and Compiler were updated to version 16.0.0.272 and Adobe AIR for Android was updated to version 16.0.0.272.

Outdated Flash Player browser plug-ins are a common target in drive-by download attacks that install malware through silent exploits hosted on compromised websites. Users should always make sure they're running the latest versions of Flash Player, Java, Silverlight, Adobe Reader and other programs that install browser plug-ins.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags patch managementonline safetypatchesAdobe SystemsExploits / vulnerabilities

Events

Featured

Slideshows

Channel kicks 2021 into gear as After Hours returns to Auckland

Channel kicks 2021 into gear as After Hours returns to Auckland

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Pantry at Park Hyatt in Auckland to kick-start 2021.

Channel kicks 2021 into gear as After Hours returns to Auckland
The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Show Comments