14 DAY TRIAL // Adobe has released a major Flash Player update, which, in addition to several new features, patches critical security vulnerabilities that could allow attackers to compromise computers.
The new Flash Player 10.2.152.26 version fixes a total of thirteen flaws, all of which could be exploited to crash the application and execute arbitrary code.
"Adobe recommends users of Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris update to Adobe Flash Player 10.2.152.26," the company writes in the newly published security bulletin.
Ten of the security issues fixed are described as memory corruption vulnerabilities, one as an integer overflow, another as a font-parsing bug and the last as a library-loading weakness.
This new Flash Player release was timed to coincide with the Adobe Reader and Acrobat quarterly patches, for the Flash interpreter bundled in those programs to also be updated.
It's not clear if this represents a permanent change in Flash Player's patching cycle, which up to this point has lacked uniformity.
In the past, the discrepancy in release times for such security updates have left users vulnerable to Flash exploits served via PDF files, even if Flash Player itself was updated.
At the opposing pole is the Flash Player plug-in bundled with Google Chrome, which so far has been updated a bit faster than the ones released by Adobe.
Even more, the two companies have collaborated to make it possible for the Chrome Flash plug-in to run inside the browser's sandbox, therefore blocking arbitrary code execution exploits.
In addition to security fixes, the new Flash Player 10.2 brings video hardware acceleration improvements, support for full screen mode with multiple monitors, sub-pixel text rendering and custom mouse cursors.
The latest version of Flash Player for Windows can be downloaded from here.
The latest version of Flash Player for Mac can be downloaded from here.
The latest version of Flash Player for Linux can be downloaded from here.