Affected software versions include: Adobe Flash Player 12.0.0.70 and earlier versions for Windows and Macintosh, and Adobe Flash Player 11.2.202.341 and and earlier versions for Linux.
Adobe’s security bulletin (APSB14-08) describes the vulnerabilities addressed in the Flash Player update as follows:
Moreover, Adobe released Shockwave Player 12.1.0.150 to address a critical vulnerability in earlier versions of the software.
Affected software versions include: Adobe Shockwave Player 12.0.9.149 and earlier versions for Windows and Macintosh.
Adobe’s security bulletin (APSB14-10) describes the vulnerability addressed in the Shockwave Player update as follows:
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2014-0505): Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Users of Adobe Flash Player 12.0.0.70 and earlier versions for Windows and Macintosh should update to the new Adobe Flash Player 12.0.0.77. Users of Adobe Flash Player 12.2.202.341 and earlier versions for Linux should update to Adobe Flash Player 12.2.202.346. Adobe Flash Player 12.0.0.70 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 12.0.0.77 for Windows, Mac and Linux.
Users of Adobe Shockwave Player 12.0.9.149 and earlier versions should update to the newest version, Adobe Shockwave Player 12.1.0.150, as soon as possible.