It eliminates vulnerabilities that could lead to code execution
Adobe released an update for Flash Player stable, incrementing the version number to 11.8. The security details include doing away with a set of three vulnerabilities that could allow an attacker to take control of the affected system.Security-wise, the fixes available in this build (11.8.800.94) eliminate a heap buffer overflow vulnerability (CVE-2013-3344) that could lead to code execution. The same outcome would be recorded if an attacker took advantage of a memory corruption flaw (CVE-2013-3345).
A third security fix refers to an integer overflow when resampling a user-supplied PCM buffer (CVE-2013-3347)
There are no reports of these flaws being exploited in the wild, but the general recommendation is to update to the latest revision.
Additional repairs, non-security related, have also been implemented in this build, such as the one addressing a crash when playing live protected ABR steam.
Many of them refer to the player’s behavior in Google Chrome browser, which received an update to version 28.
As far as new features are concerned, Flash Player 11.8 integrates recursive stop on MovieClip, delivers support for rectangular textures and large textures (maximum size is 4096x4096). The entire list of fixes and new features are available on this page.
Download Adobe Flash Player for Windows, Mac and Linux