July 30, 2014

Flash Player 11.3 fixes Critical security vulnerabilities

(LiveHacking.Com) – Adobe has released a new version of its ubiquitous Flash Player. Version 11.3 fixes at least seven critical security vulnerabilities. The new version also enables the background updater for Mac OS X. Older versions are vulnerable to crashes and potential arbitrary code execution. The new version is available for all supported operating systems, i.e. Windows, OS X, Linux. Affected versions including Adobe Flash Player 11.2.202.235 and earlier versions. For Android, Adobe has released a new version of the 11.1.x series where Adobe Flash Player 11.1.115.8 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.9 and earlier versions for Android 3.x and 2.x are vulnerable.

Of the seven vulnerabilities fixed two are memory corruptions, one is a stack overflow vulnerability, one is an  integer overflow vulnerability and another is a null de-referencing problem. All of these could lead to code execution. Of the remaining two, one is a security bypass vulnerability that could lead to information disclosure  and the others is a binary planting vulnerability in the Flash Player installer that could lead to code execution.

Google has released a new version of its Chrome web browser to upgrade the built-in  Flash Player to 11.3.300.257.

For users who cannot update to Flash Player 11.3, Adobe has released a patched version of Flash Player 10.x which can be downloaded here.

Along with the release of Flash 11.3, Adobe has also released a new version of Adobe Air for Windows, Macintosh and Android. Users of Adobe AIR 3.2.0.2070 should update to Adobe AIR 3.3.0.3610.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks