In association with heise online

12 June 2013, 10:00

June updates for Flash and Air close a critical hole

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Adobe Flash Patch icon Adobe has closed just one hole on its June patch day; however, the hole is critical and has caused a plethora of updates. The memory error, discovered and reported confidentially by Google's security team, affects all versions of Flash Player and Adobe AIR. Attackers can potentially exploit the hole to gain control of systems.

Traditionally, holes in Flash are a prized commodity with cyber-criminals and therefore users should update to the fixed version 11.7.700.224 as soon as possible. For Mac OS X, Adobe has released an update to version 11.7.700.225, while the latest version under Linux is now 11.2.202.291. Those who use Google Chrome or Internet Explorer 10 (under Windows 8) will automatically receive the Flash Player updates. Adobe has also updated Flash for Android, where the latest versions are now 11.1.115.63 for Android 4 and version 11.1.111.59 for older Android systems.

The fixed version of Adobe AIR for Windows and Android is Adobe AIR 3.7.0.2090, and version 3.7.0.2100 is the latest update for Mac OS X. Adobe has also patched the corresponding SDKs, the version numbers for which are identical.

The company has warned those who use Flash version 10 that version 11.7.x will become the next Extended Support version when patch day comes round again. This means that the just released security patches will be the last patches for version 10; the relevant download links can be found in the advisory link above.

See also:

(djwm)

Print Version | Send by email | Permalink: http://h-online.com/-1886972
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit