14 DAY TRIAL // Adobe has released a new version of Flash Player which addresses many critical security vulnerabilities that can be exploited to execute arbitrary code on systems.
The newly released Adobe Flash Player 10.3.183.5 addresses thirteen buffer overflow, memory corruption and integer overflow vulnerabilities. All of them can lead to full system compromise and can be attacked remotely.
Security updates for Adobe AIR have also been released, namely Adobe AIR 2.7.1 for Windows, Macintosh and 2.7.1.1961 for Android.
"Adobe would also like to thank Tavis Ormandy and the Google Chrome team for their great work on several improvements to this Flash Player release," the company notes in its security advisory.
Along with Oracle's Java, Flash Player is one of the most attacked pieces of software at the moment, especially since Adobe Reader X for Windows features sandboxing technology that makes exploiting vulnerabilities harder.
It's worth pointing out, however, that all Flash Player vulnerabilities are also reflected in Adobe Reader because of the bundled authplay.dll Flash plug-in component in the product.
Adobe plans to develop a sandbox-like technology for Flash Player in the future, but this has just passed the concept phase and it will take over a year to fully implement.
"Adobe recommends users of Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 10.3.183.5. Users of Adobe Flash Player for Android 10.3.185.25 and earlier versions should update to Adobe Flash Player for Android 10.3.186.3," the company writes.
The latest version of Flash Player for Windows can be downloaded from here. The latest version of Flash Player for Mac can be downloaded from here. The latest version of Flash Player for Linux can be downloaded from here.
The latest version of Adobe AIR for Windows can be downloaded from here. The latest version of Adobe AIR for Mac can be downloaded from here. The latest version of Adobe AIR for Linux can be downloaded from here.