Adobe Systems has released a new round of security updates for Adobe Flash Player for Windows and Mac. The company released Adobe Flash Player 18.104.22.168, which tackles a total of 6 “vulnerabilities that could potentially allow an attacker to take control of the affected system,” described Adobe’s security bulletin (APSB14-16).
Affected software versions include: Adobe Flash Player 22.214.171.124 and earlier versions for Windows and Macintosh, Adobe Flash Player 126.96.36.1999 and earlier versions for Linux, and Adobe AIR 188.8.131.52 and earlier versions.
The vulnerabilities tackled in the Flash Player update are described as follows:
- These updates resolve cross-site-scripting vulnerabilities (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533).
- These updates resolve security bypass vulnerabilities (CVE-2014-0534, CVE-2014-0535).
- These updates resolve a memory corruption vulnerability that could result in arbitrary code execution (CVE-2014-0536).
Users of Adobe Flash Player 184.108.40.206 and earlier versions for Mac and Windows should update to Adobe Flash Player 220.127.116.11 as soon as possible. Users of Adobe Flash Player 18.104.22.1689 and earlier versions for Linux should update to Adobe Flash Player 22.214.171.1248. Adobe Flash Player 126.96.36.199 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 188.8.131.52 for Windows, Mac and Linux. Users of Adobe AIR 184.108.40.206 and earlier versions should update to Adobe AIR 220.127.116.11.