Adobe has released a critical security patch for Adobe Flash Player. The patch addresses seven (7) flaws including multiple code execution vulnerabilities. These flaws allow attackers to take complete control of the systems. The Linux and Mac operating systems are affected apart from Windows.
Here are the details of the 7 vulnerabilities patched in APSB17-07 update:
- A buffer overflow vulnerability that could lead to code execution (CVE-2017-2997).
- Multiple memory corruption vulnerabilities that could lead to code execution (CVE-2017-2998, CVE-2017-2999).
- A random number generator vulnerability used for constant blinding that could lead to information disclosure (CVE-2017-3000).
- Multiple use-after-free vulnerabilities that could lead to code execution (CVE-2017-3001, CVE-2017-3002, CVE-2017-3003).
Affected versions of Adobe Flash Player are:
Flash Player versions 24.0.0.221 and earlier for Windows, Macintosh, and Linux.
Flash Player version 24.0.0.221 and earlier for Adobe Flash Player for Google Chrome.
Flash Player version 24.0.0.221 and earlier for Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 and Windows 8.x.
All the users of the Adobe Flash Player for Windows, Macintosh, and Linux are advised to update to Flash Player version 25.0.0.127. Flash Player for Google Chrome, Microsoft Edge and Internet Explorer 11 will be automatically updated to the latest version.
Download SecPod Saner now and keep your systems updated and secure.
– Shakeel