Menu
Adobe fixes critical flaws in Flash Player and Digital Editions

Adobe fixes critical flaws in Flash Player and Digital Editions

The flaws could allow hackers to compromise computers and install malware

Adobe Systems has fixed more than 30 vulnerabilities in its Flash Player and Digital Editions products, most of which could be exploited to remotely install malware on computers.

The bulk of the flaws, 26, were patched in Flash Player on all supported platforms: Windows, Mac and Linux.

Twenty-three of those vulnerabilities can lead to remote code execution and the remaining three can be used for information disclosure or to bypass security features, Adobe said in an advisory.

Adobe advises users to update Flash Player version 23.0.0.162 on Windows and Mac or version 11.2.202.635 on Linux. The new version of the Flash Player extended support release, which only receives security patches, is now 18.0.0.375.

It's worth pointing out that Adobe recently decided to update the NPAPI version of the Flash Player plug-in for Linux, which had been frozen at version 11.2 for the past four years. This is the Flash Player plug-in version used on Linux by browsers other than Google Chrome, which uses a newer PPAPI plug-in architecture.

While this version of Flash Player has continued to receive security patches over the years, it didn't benefit from new features. However, last month the company announced that it plans to bring the NPAPI Flash Player plug-in for Linux in sync with the modern release branch, which is currently at version 23.

The Flash Player plug-in bundled with Google Chrome will be automatically updated through the browser's update mechanism and the plug-in bundled with Microsoft Edge and Internet Explorer 11 on Windows 10 and 8.1 will be updated through Windows Update.

Adobe also released version 4.5.2 of Adobe Digital Editions for Windows, Mac, iOS and Android. This new version of the company's eBook reading app fixes eight vulnerabilities, all of which could be exploited to achieve remote code execution.

Finally, the company updated its Adobe AIR SDK & Compiler for Windows to version 23.0.0.257. This is a security release that adds support for the secure transmission of runtime analytics for Android AIR applications created with the tool.

"Developers are encouraged to recompile captive runtime bundles after applying this update," the company said in an advisory.


Follow Us

Join the newsletter!

Error: Please check your email address.

Featured

Slideshows

HP channel recognised at 2017 Partner Awards

HP channel recognised at 2017 Partner Awards

The HP Partner Awards 2017 at Shed 10 kicked off with an AMD-sponsored hackers lounge, a mysterious gaming style area filled with dry ice and red lasers, the waiters wearing Mr Robot style masks.

HP channel recognised at 2017 Partner Awards
Tech industry comes together as Lexel celebrates turning 30

Tech industry comes together as Lexel celebrates turning 30

Leading figures within the technology industry across New Zealand came together to celebrate 30 years of success for Lexel Systems, at a milestone birthday occasion at St Matthews in the City.​

Tech industry comes together as Lexel celebrates turning 30
HP re-imagines education through Auckland event launch

HP re-imagines education through Auckland event launch

HP New Zealand held an inaugural Evolve Education event at Aotea Centre in Auckland, welcoming over 70 principals, teachers and education experts to explore ways of shaping and enhancing learning using technology.

HP re-imagines education through Auckland event launch
Show Comments