Adobe patches critical Flash Player holes; adds support for Mac OS X Gatekeeper

Adobe patches critical Flash Player holes; adds support for Mac OS X Gatekeeper

تاریخ ایجاد

ID: IRCNE2012061515
Date: 2012-06-09

According to "zdnet", Adobe today shipped a new version of its ever-present Flash Player software with fixes for at least seven dangerous security holes and the addition of support for the Gatekeeper technology that coming in Mac OS X Mountain Lion.
The security update, available for Windows, Mac OS X and Linux operating systems, address vulnerabilities that “could cause a crash and potentially allow an attacker to take control of the affected system.”

  • These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2012-2034).
  • These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2012-2035).
  • These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2012-2036).
  • These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2012-2037).
  • These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2012-2038).
  • These updates resolve null dereference vulnerabilities that could lead to code execution (CVE-2012-2039).
  • These updates resolve a binary planting vulnerability in the Flash Player installer that could lead to code execution (CVE-2012-2040).

Separately, Adobe security chief Brad Arkin says the new Flash Player 11.3 introduces a sandbox to Firefox users on Windows.
For Mac users, the update also includes the background updater for Mac OS X and is now signed with an Apple Developer ID, so that Flash Player can work with the new Gatekeeper technology for Mac OS X Mountain Lion (10.8).

برچسب‌ها