Number: IRCNE2014082288
Date: 2014-08-12
According to “zdnet”, Adobe has released updates to fix seven vulnerabilities in Flash Player and one vulnerability in Adobe Reader and Acrobat which, the company says, is being exploited in the wild "...in limited, isolated attacks targeting Adobe Reader users on Windows." The OS X versions of Acrobat and Reader are not affected.
Users may update Acrobat and Reader with the Help > Check for Updates menu option. Flash Player users may download the latest version from Adobe at this page. Users of Internet Explorer on Windows 8 and above and of Google Chrome will receive browser updates from those companies with fixed versions of their integrated Flash Player.
The lone vulnerability in Acrobat and Reader for Windows could allow an attacker to circumvent sandbox protection. Users of Adobe Reader 11.x for Windows should update to version 11.0.08. Users of Adobe Reader 10.x for Windows should update to version 10.1.11.
The seven vulnerabilities in Flash affect version 14.0.0.145 and earlier for both Mac and Windows, including the versions integrated into Chrome and IE. The new version will be 14.0.0.176 in most cases. Google Chrome users will get 14.0.0.177 and the NPAPI plugin for Firefox will be version 14.0.0.179.
Flash Player 11.2.202.394 and earlier versions for Linux are vulnerable and users should update to 11.2.202.400.
As is always the case with Flash updates, Adobe AIR and the AIR SDK are also updated.
- 2