In association with heise online

06 March 2012, 10:07

Adobe updates Flash Player closing more critical holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Flash logo Adobe has issued a security bulletin for Flash Player on Windows, Macintosh, Linux, Solaris and Android. Described as a priority 2 update, Adobe says the flaw has existed for some time but there are no known exploits and it expects that to stay that way in the immediate future.

The critical flaws are reportedly a memory corruption vulnerability in Matrix3D that "could lead to code execution", reported by Google Security Team's Tavis Ormandy, and integer errors that "could lead to information disclosure", reported by fellow team member Fermin J Serna. This is the second update in less than a month for Flash Player, with seven critical flaws being fixed in an update on 16 February.

The affected versions of Flash Player are the Windows, Mac, Linux and Solaris versions 11.1.102.62 and earlier, Android 4.x 11.1.115.6 and earlier, and Android 3.x and 2.x versions 11.1.111.6 and earlier. Fixes are available for Windows, Mac, Linux and Solaris by downloading Flash Player 11.1.102.63 or later from Adobe. For Android 2.x, 3.x and 4.x, updates can be applied by going to the Android Market Place on the device and downloading version 11.1.115.7 for Android 4.x and 11.1.111.7 for Android 3.x and 2.x.

Yesterday, Google updated its Chrome browser. It also updated the bundled Flash Player to 11.1.102.63, which concurs with the Adobe update.

See also:

(djwm)

 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit