Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Adobe Flash Player Update - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Flash Player Update

On Tuesday, Adobe released an update for Shockwave Player (APSB12-02) and RoboHelp for Word (APSB12-04). The odd question on tuesday was: What happened to APSB12-03. Today, we learned the answer: Another bulletin from Adobe, APSB12-03, accompanied by a patch for Adobe's Flash player.

Sadly, with the odd release date, this bulletin has fallen a bit between the cracks. However, you should apply the patch *QUICKLY* as at least one of the vulnerabilities has already been exploited in the wild.

http://www.adobe.com/support/security/bulletins/apsb12-03.html

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Defending Web Applications Security Essentials - SANS Security West 2019

Johannes

3479 Posts
ISC Handler
The version on their redistributable portal is still 11.1.102.62. Is there any other way to get a MSI of this thing?
Anonymous
11.1.102.55 was the previous version. 11.1.102.62 is the patched version for IE/Firefox/Chrome/etc. The higher version numbers are for Android. Note that there is no reference in the bulletin to CVE-2011-4693 or CVE-2011-4694, which were announced back in December (see http://isc.sans.edu/diary.html?storyid=12166 for more details). I don't know if those vulnerabilities were fixed silently (so as to avoid giving credit) or were ignored.
Anonymous

Sign Up for Free or Log In to start participating in the conversation!