Everyone is urged to patch Adobe software ASAP

Dec 13, 2016 18:26 GMT  ·  By

Adobe has released its Adobe Tuesday security patches, fixing security flaws in a total of nine software solutions, including Flash Player, ColdFusion Builder, and InDesign.

One of the critical patches, however, is APSB16-39 Security update available for Adobe Flash Player, which is specifically supposed to address no less than 16 security bugs in Flash, one of which could allow remote code execution if successfully exploited.

And chances are it could easily be successfully exploited, with Adobe confirming that it’s already seeing attacks aimed at users and trying to take advantage of this vulnerability. It goes without saying that Flash Player users should prioritize development of this patch, and the Flash Player version you should be looking for is 24.0.0.186.

Adobe Flash Player Desktop Runtime, as well as Google Chrome, Microsoft Edge, and Internet Explorer 11 are all rated with a “1” priority rating (the highest priority rating available in Adobe’s patching cycle), while Adobe Flash Player for Linux is rated “3.” Everyone should patch Flash Player quickly, though.

0-day flaw already exploited

“Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system,” Adobe explains in its security advisory.

“Adobe is aware of a report that an exploit for CVE-2016-7892 exists in the wild, and is being used in limited, targeted attacks against users running Internet Explorer (32-bit) on Windows.”

In the case of Microsoft users running Internet Explorer and Edge, the Flash Player update is shipped via Windows Update, as the application is integrated into the browser.

Adobe is also patching other products in its lineup, and although they are rated as critical, the company isn’t saying anything about any active exploits being used in attacks against users. Obviously, you are recommended to install all Adobe patches as soon as possible to remain secure.