Security News

Adobe Systems has released a new round of security updates for Adobe Flash Player for Windows and Mac. The company released Adobe Flash Player 14.0.0.125, which tackles a total of 6 “vulnerabilities that could potentially allow an attacker to take control of the affected system,” described Adobe’s security bulletin (APSB14-16).

Affected software versions include: Adobe Flash Player 13.0.0.214 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.359 and earlier versions for Linux, and Adobe AIR 13.0.0.111 and earlier versions.

The vulnerabilities tackled in the Flash Player update are described as follows:

• These updates resolve cross-site-scripting vulnerabilities (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533).
• These updates resolve security bypass vulnerabilities (CVE-2014-0534, CVE-2014-0535).
• These updates resolve a memory corruption vulnerability that could result in arbitrary code execution (CVE-2014-0536).

Users of Adobe Flash Player 13.0.0.214 and earlier versions for Mac and Windows should update to Adobe Flash Player 14.0.0.125 as soon as possible. Users of Adobe Flash Player 11.2.202.359 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.378. Adobe Flash Player 13.0.0.214 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 14.0.0.125 for Windows, Mac and Linux. Users of Adobe AIR 13.0.0.111 and earlier versions should update to Adobe AIR 14.0.0.110.