Adobe has released new security updates for Adobe Flash Player, updating its software to version 220.127.116.11 for Mac OS X and other platforms. The 17.5 MB software update is available for download and resolves a critical vulnerability with reports that an exploit for this flaw exists in the wild.
Affected Adobe software versions include: Adobe Flash Player 18.104.22.168 and earlier versions for Windows and Macintosh, and Adobe Flash Player 22.214.171.1245 and earlier versions for Linux.
From Adobe's security bulletin, the following details describe the vulnerability resolved in these updates:
These updates resolve an integer underflow vulnerability that could be exploited to execute arbitrary code on the affected system (CVE-2014-0497).
Users of Adobe Flash Player 126.96.36.199 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 188.8.131.52. Users of Adobe Flash Player 184.108.40.2065 and earlier versions for Linux should update to Adobe Flash Player 220.127.116.116. Adobe Flash Player 18.104.22.168 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 22.214.171.124 for Windows, Mac, and Linux.
Update: Due to security issues in older Flash Player versions, Apple has updated the web plug-in blocking mechanism to disable all versions prior to Flash Player 126.96.36.199.