(LiveHacking.Com) – Adobe has released a new version of its ubiquitous Flash Player. Version 11.3 fixes at least seven critical security vulnerabilities. The new version also enables the background updater for Mac OS X. Older versions are vulnerable to crashes and potential arbitrary code execution. The new version is available for all supported operating systems, i.e. Windows, OS X, Linux. Affected versions including Adobe Flash Player 220.127.116.11 and earlier versions. For Android, Adobe has released a new version of the 11.1.x series where Adobe Flash Player 18.104.22.168 and earlier versions for Android 4.x, and Adobe Flash Player 22.214.171.124 and earlier versions for Android 3.x and 2.x are vulnerable.
Of the seven vulnerabilities fixed two are memory corruptions, one is a stack overflow vulnerability, one is an integer overflow vulnerability and another is a null de-referencing problem. All of these could lead to code execution. Of the remaining two, one is a security bypass vulnerability that could lead to information disclosure and the others is a binary planting vulnerability in the Flash Player installer that could lead to code execution.
Google has released a new version of its Chrome web browser to upgrade the built-in Flash Player to 11.3.300.257.
For users who cannot update to Flash Player 11.3, Adobe has released a patched version of Flash Player 10.x which can be downloaded here.
Along with the release of Flash 11.3, Adobe has also released a new version of Adobe Air for Windows, Macintosh and Android. Users of Adobe AIR 126.96.36.1990 should update to Adobe AIR 188.8.131.5210.