Patch Tuesday Brings Fixes to Nine Code Execution Flaws in Flash Player

Rafia Shaikh
Posted Nov 8, 2016
17Shares
Share Tweet Submit

Adobe has released critical security patches to nine code execution flaws in Flash Player this Patch Tuesday. The company assures that it’s not aware of any active exploits of these vulnerabilities.

Patch Tuesday brings more fixes to Adobe Flash Player

Two weeks ago, Adobe rolled out an emergency security patch for a zero-day vulnerability reported by Google. The company is now releasing scheduled security patches to its products, including to its infamous Flash Player.

“Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS,” the company’s security bulletin reads. “These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.”

Several issues reported by Trend Micro’s ZDI have been addressed by the company. The Tuesday Patch also fixes one vulnerability in Connect for Windows. Adobe confirmed there was no evidence that any of these bugs were being exploited in the wild.

The company had fixed a Flash Player vulnerability on October 26, that also affected Windows. Working in combination with a Windows kernel flaw, the Flash Player bug could be exploited to gain control of a target’s browser process and elevate privileges. While Microsoft is yet to release the patch (expected today) for the critical security vulnerability that is being exploited by a Russian-linked sophisticated threat actor known as Fancy Bear or APT28, Adobe released an emergency patch to mitigate the problem.

Adobe Flash Player 23.0.0.207 is the latest update available, fixing the recently discovered security vulnerabilities. The update is now available for Windows, Mac and web browsers. Flash Player version 11.2.202.644 is also available for Linux. To verify the version of Flash Player installed on your system, go to Flash Player About page to learn the version number. Adobe advises to perform this check for each browser, if you use multiple browsers.

Patch Tuesday Brings Critical Security Fixes to Flash Player, Edge and Internet Explorer

Remember, Flash Player on Google Chrome, Microsoft Edge, and Internet Explorer 11 will automatically update to the latest version.

Share Tweet Submit