ISC Diary

Adobe Security Flash Update

Published: 2012-05-04,
Last Updated: 2012-05-04 20:50:24 UTC
by Guy Bruneau (Version: 1)

Adobe released a critical patch for Flash Player addressing an object confusion vulnerability (CVE-2012-0779). If exploited, it could cause the application crash and potentially allow an attacker to take control of the system. The security bulletin is posted here and the update can be downloaded here.

Affected Software

- Windows, Macintosh and Linux version 11.2.202.233 and earlier
- Android 4.x version 11.1.115.7 and earlier
- Android 3.x and 2.x version 11.1.111.8 and earlier

[1] http://www.adobe.com/support/security/bulletins/apsb12-09.html
[2] http://get.adobe.com/flashplayer/

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Keywords: Adobe Flash Security Update

2 comment(s)

Top of page

Comments

Anyone know if version 10.3.183.19 is vulnerable? the CVE is not clear as it states "Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows" and Adobe does not even mention 10.x

posted by Dave, Mon May 07 2012, 13:27

Dave,

According to the security bulletin, it states "For users who cannot update to Flash Player 11.2.202.235, Adobe has developed a patched version of Flash Player 10.x, Flash Player 10.3.183.19, which can be downloaded here." Here is http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html

posted by Guy, Mon May 07 2012, 16:15

New Comments closed for all Diaries older than two(2) weeks
Please send your comments to our Contact Form