Adobe has released new security updates for Adobe Flash Player, updating its software to version 184.108.40.206 for Mac OS X and other platforms. The 17.5 MB software update is available for download and resolves a critical vulnerability with reports that an exploit for this flaw exists in the wild.
Affected Adobe software versions include: Adobe Flash Player 220.127.116.11 and earlier versions for Windows and Macintosh, and Adobe Flash Player 18.104.22.1685 and earlier versions for Linux.
From Adobe’s security bulletin, the following details describe the vulnerability resolved in these updates:
These updates resolve an integer underflow vulnerability that could be exploited to execute arbitrary code on the affected system (CVE-2014-0497).
Users of Adobe Flash Player 22.214.171.124 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 126.96.36.199. Users of Adobe Flash Player 188.8.131.525 and earlier versions for Linux should update to Adobe Flash Player 184.108.40.2066. Adobe Flash Player 220.127.116.11 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 18.104.22.168 for Windows, Mac, and Linux.
Update: Due to security issues in older Flash Player versions, Apple has updated the web plug-in blocking mechanism to disable all versions prior to Flash Player 22.214.171.124.