Number: IRCNE2014122394
Date: 2014/12/13
According to zdnet”, Adobe has released updates to Flash Player, Acrobat, Reader and ColdFusion to address vulnerabilities. The company says that they have reports to the effect that one of the vulnerabilities in Flash Player is being exploited in the wild.
Flash Player bulletin APSB14-27 describes six vulnerabilities affecting versions 15.0.0.242 and earlier in the 15.x branch, versions 13.0.0.258 and earlier 13.x versions and versions 11.2.202.424 and earlier versions for Linux.
Windows and Mac users should update to version 16.0.0.235. Users of the Extended Support Release should update to version 13.0.0.259. Linux should update to Adobe Flash Player 11.2.202.425.
Microsoft and Google will today be releasing updates to Internet Explorer 10+ and Chrome in order to patch the Flash Players embedded in them.
These vulnerabilities are rated as critical, and the presence of one which is being exploited means that this update is high-priority.
Adobe Reader and Acrobat bulletin APSB14-28 describes twenty vulnerabilities affecting the Windows and Mac versions of the products. The company says they have no reports of exploits in the wild, but the vulnerabilities have serious implications and are rated critical.
Users of Acrobat X or Reader X versions 10.1.12 and earlier for Windows or Mac should update to version 10.1.13. Users of Acrobat XI or Reader XI versions 11.0.09 and earlier for Windows or Mac should update to version 11.0.10.
These products can be updated by the user through the update option in the Help menu or via the Adobe Downloads page.
Finally, ColdFusion bulletin APSB14-29 describes a single resource consumption bug which could result in denial of service. The problem affects both ColdFusion versions 10 and 11, but not version 9.
- 2