Adobe released new Flash player version 11.1.102.55 to fix the number of critical vulnerabilities. Update is available for Windows, Mac, Linux, Solaris and Android versions of Flash and Adobe Air.
Critical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 11.0.1.153 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 11.0.1.153 and earlier versions for Android
- Adobe AIR 3.0 and earlier versions for Windows, Macintosh, and Android
Updated version is available here.
Adobe AIR update version is available here.
"They are patching a ton of serious bugs today, and nearly all of them allow for remote code execution," said Andrew Storms, director of security operations at vulnerability management firm nCircle. He criticized Adobe for not offering any mitigation advice in their advisories, leaving users with only the option to patch.
"Sometimes we can't load your critical patches immediately," Storms said. "Any assistance you could offer would be much appreciated."
