Adobe Systems has released a new round of security updates for Adobe Flash Player for Windows and Mac. The company released Adobe Flash Player 126.96.36.199, which tackles a total of 6 “vulnerabilities that could potentially allow an attacker to take control of the affected system,” described Adobe’s security bulletin (APSB14-16).
Affected software versions include: Adobe Flash Player 188.8.131.52 and earlier versions for Windows and Macintosh, Adobe Flash Player 184.108.40.2069 and earlier versions for Linux, and Adobe AIR 220.127.116.11 and earlier versions.
The vulnerabilities tackled in the Flash Player update are described as follows:
- These updates resolve cross-site-scripting vulnerabilities (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533).
- These updates resolve security bypass vulnerabilities (CVE-2014-0534, CVE-2014-0535).
- These updates resolve a memory corruption vulnerability that could result in arbitrary code execution (CVE-2014-0536).
Users of Adobe Flash Player 18.104.22.168 and earlier versions for Mac and Windows should update to Adobe Flash Player 22.214.171.124 as soon as possible. Users of Adobe Flash Player 126.96.36.1999 and earlier versions for Linux should update to Adobe Flash Player 188.8.131.528. Adobe Flash Player 184.108.40.206 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 220.127.116.11 for Windows, Mac and Linux. Users of Adobe AIR 18.104.22.168 and earlier versions should update to Adobe AIR 22.214.171.124.