Adobe Systems has released a new round of security updates for Adobe Flash Player for Windows and Mac. The company released Adobe Flash Player 22.214.171.124, which tackles a total of 6 "vulnerabilities that could potentially allow an attacker to take control of the affected system," described Adobe's security bulletin (APSB14-16).
Affected software versions include: Adobe Flash Player 126.96.36.199 and earlier versions for Windows and Macintosh, Adobe Flash Player 188.8.131.529 and earlier versions for Linux, and Adobe AIR 184.108.40.206 and earlier versions.
The vulnerabilities tackled in the Flash Player update are described as follows:
- These updates resolve cross-site-scripting vulnerabilities (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533).
- These updates resolve security bypass vulnerabilities (CVE-2014-0534, CVE-2014-0535).
- These updates resolve a memory corruption vulnerability that could result in arbitrary code execution (CVE-2014-0536).
Users of Adobe Flash Player 220.127.116.11 and earlier versions for Mac and Windows should update to Adobe Flash Player 18.104.22.168 as soon as possible. Users of Adobe Flash Player 22.214.171.1249 and earlier versions for Linux should update to Adobe Flash Player 126.96.36.1998. Adobe Flash Player 188.8.131.52 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 184.108.40.206 for Windows, Mac and Linux. Users of Adobe AIR 220.127.116.11 and earlier versions should update to Adobe AIR 18.104.22.168.