Adobe has released critical security updates for Adobe Flash Player (APSB16-25), Adobe Acrobat and Reader (APSB16-26) and Adobe XMP Toolkit for Java (APSB16-24). The security updates for Adobe Flash Player, Adobe Acrobat and Reader resolves critical vulnerabilities that allows an attacker to take control of the affected system. The security updates for the Adobe XMP Toolkit for Java resolves an important vulnerability that could lead to information disclosure.
Here are the details of Critical Security Updates and security Advisory :
APSB16-25 (Adobe Flash Player):
- A race condition vulnerability that could lead to information disclosure (CVE-2016-4247).
-
The multiple type confusion vulnerabilities that could lead to code execution (CVE-2016-4223, CVE-2016-4224, CVE-2016-4225).
-
The multiple use-after-free vulnerabilities that could lead to code execution(CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4248).
-
A heap buffer overflow vulnerability that could lead to code execution (CVE-2016-4249).
-
The multiple memory corruption vulnerabilities that could lead to code execution
(CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246). -
A memory leak vulnerability that could lead to information disclosure (CVE-2016-4232).
-
The multiple stack corruption vulnerabilities that could lead to code execution (CVE-2016-4176, CVE-2016-4177).
-
A security bypass vulnerability that could lead to information disclosure (CVE-2016-4178).
Affected Versions:
Adobe Flash Player Desktop Runtime 22.0.0.192 and earlier on Windows and Macintosh.
Adobe Flash Player Extended Support Release 18.0.0.360 and earlier on Windows and Macintosh.
Adobe Flash Player for Google Chrome 22.0.0.192 and earlier on Windows, Macintosh, Linux and ChromeOS.
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 22.0.0.192 and earlier on Windows 10 and 8.1
Adobe Flash Player 11.2.202.626 and earlier on Linux.
APSB16-26 (Adobe Acrobat and Reader):
- An integer overflow vulnerability that could lead to code execution (CVE-2016-4210).
-
A use-after-free vulnerability that could lead to code execution (CVE-2016-4255).
-
A heap buffer overflow vulnerability that could lead to code execution (CVE-2016-4209).
-
A vulnerability that could allow attackers to bypass JavaScript API execution restrictions (CVE-2016-4215).
-
The multiple memory corruption vulnerabilities that could lead to code execution (CVE-2016-4254, CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252).
Affected Versions:
Acrobat DC Continuous 15.016.20045 and earlier versions on Windows and Macintosh.
Acrobat Reader DC Continuous 15.016.20045 and earlier versions on Windows and Macintosh.
Acrobat DC Classic 15.006.30174 and earlier versions on Windows and Macintosh.
Acrobat Reader DC Classic 15.006.30174 and earlier versions on Windows and Macintosh.
Acrobat XI Desktop 11.0.16 and earlier versions on Windows and Macintosh.
Reader XI Desktop 11.0.16 and earlier versions on Windows and Macintosh.
APSB16-24 (Adobe XMP Toolkit for Java):
- A vulnerability that could lead to information disclosure (CVE-2016-4216).
Affected Versions:
Adobe XMP Tooklit for Java 5.1.2 and earlier versions in all platforms.
SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.