Adobe fixes critical flaws in Flash Player and Digital Editions

The flaws could allow hackers to compromise computers and install malware

Adobe Systems has fixed more than 30 vulnerabilities in its Flash Player and Digital Editions products, most of which could be exploited to remotely install malware on computers.

The bulk of the flaws, 26, were patched in Flash Player on all supported platforms: Windows, Mac and Linux.

Twenty-three of those vulnerabilities can lead to remote code execution and the remaining three can be used for information disclosure or to bypass security features, Adobe said in an advisory.

Adobe advises users to update Flash Player version 23.0.0.162 on Windows and Mac or version 11.2.202.635 on Linux. The new version of the Flash Player extended support release, which only receives security patches, is now 18.0.0.375.

It's worth pointing out that Adobe recently decided to update the NPAPI version of the Flash Player plug-in for Linux, which had been frozen at version 11.2 for the past four years. This is the Flash Player plug-in version used on Linux by browsers other than Google Chrome, which uses a newer PPAPI plug-in architecture.

While this version of Flash Player has continued to receive security patches over the years, it didn't benefit from new features. However, last month the company announced that it plans to bring the NPAPI Flash Player plug-in for Linux in sync with the modern release branch, which is currently at version 23.

The Flash Player plug-in bundled with Google Chrome will be automatically updated through the browser's update mechanism and the plug-in bundled with Microsoft Edge and Internet Explorer 11 on Windows 10 and 8.1 will be updated through Windows Update.

Adobe also released version 4.5.2 of Adobe Digital Editions for Windows, Mac, iOS and Android. This new version of the company's eBook reading app fixes eight vulnerabilities, all of which could be exploited to achieve remote code execution.

Finally, the company updated its Adobe AIR SDK & Compiler for Windows to version 23.0.0.257. This is a security release that adds support for the secure transmission of runtime analytics for Android AIR applications created with the tool.

"Developers are encouraged to recompile captive runtime bundles after applying this update," the company said in an advisory.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?