Adobe Flash Player Update

On Tuesday, Adobe released an update for Shockwave Player (APSB12-02) and RoboHelp for Word (APSB12-04). The odd question on tuesday was: What happened to APSB12-03. Today, we learned the answer: Another bulletin from Adobe, APSB12-03, accompanied by a patch for Adobe's Flash player.

Sadly, with the odd release date, this bulletin has fallen a bit between the cracks. However, you should apply the patch *QUICKLY* as at least one of the vulnerabilities has already been exploited in the wild.

Johannes B. Ullrich, Ph.D.
SANS Technology Institute

I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANS San Francisco Winter 2022


4601 Posts
ISC Handler
Feb 16th 2012
The version on their redistributable portal is still Is there any other way to get a MSI of this thing?
Anonymous was the previous version. is the patched version for IE/Firefox/Chrome/etc. The higher version numbers are for Android. Note that there is no reference in the bulletin to CVE-2011-4693 or CVE-2011-4694, which were announced back in December (see for more details). I don't know if those vulnerabilities were fixed silently (so as to avoid giving credit) or were ignored.

Sign Up for Free or Log In to start participating in the conversation!