On cue with Microsoft’s Patch Tuesday, Adobe has also released security fixes for Flash Player that addressed a total of 52 security issues.
Mac and Windows users should update to Flash Player 22.214.171.124, while Linux users should update to version 126.96.36.1992. Flash Player embedded with Google Chrome, Microsoft Internet Explorer or Edge will be updated automatically to the latest version.
Out of all the 52 security fixes Flash received today, below are some of the most critical issues fixed in this most recent release.
Adobe patches 52 issues in Flash Player
Adobe fixed 33 issues related to memory corruption bugs that could have allowed attackers to execute code on the infected machine and take over the device, and another ten use-after-free vulnerabilities, which are another type of security flaw that occurs due to improper memory management ().
The company also fixed a race condition vulnerability that could lead to information disclosure (CVE-2016-4247), three type confusion vulnerabilities that could lead to code execution (CVE-2016-4223, CVE-2016-4224, CVE-2016-4225), and a heap buffer overflow (CVE-2016-4249).
Further, Adobe also addressed a memory leak vulnerability (CVE-2016-4232), a security bypass vulnerability that could lead to information disclosure (CVE-2016-4178), and two stack corruption vulnerabilities that could lead to code execution (CVE-2016-4176, CVE-2016-4177).
For this month’s security patches, Adobe received bug reports from researchers working at Microsoft, Pangu LAB, Qihoo 360, WINS WSEC Analysis Team, Trend Micro, FireEye, Tencent, Google’s Project Zero, COSIG, and the NCC Group. Independent security researchers also contributed.
No zero-days included this time
No zero-day vulnerabilities were included in this release, unlike the past three months, which saw Adobe patch zero-day after zero-day.
Besides Flash Player, Adobe also fixed 30 security issues in Adobe Acrobat and Reader, and an information disclosure (CVE-2016-4216) issue in the XMP Toolkit for Java, another of Adobe’s product.
This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.
Recommended article from FiveFilters.org: .