Adobe fixes Flash zero day, plus bugs in Acrobat, Reader and ColdFusion

The Acrobat updates are regularly-scheduled but the Flash and ColdFusion updates are a surprise. One Flash vulnerability is being exploited in the wild.

Adobe has released updates to Flash Player, Acrobat, Reader and ColdFusion to address vulnerabilities. The company says that they have reports to the effect that one of the vulnerabilities in Flash Player is being exploited in the wild.

free pdf

Special report: The future of Everything as a Service

SaaS has set off a revolution in the way companies consume services on-demand. We look at how it's spreading to other IT services and transforming IT jobs.

Read More

Flash Player bulletin APSB14-27 describes six vulnerabilities affecting versions 15.0.0.242 and earlier in the 15.x branch, versions 13.0.0.258 and earlier 13.x versions and versions 11.2.202.424 and earlier versions for Linux.

Click here to check your Flash Player version.

Windows and Mac users should update to version 16.0.0.235. Users of the Extended Support Release should update to version 13.0.0.259. Linux should update to Adobe Flash Player 11.2.202.425.

Microsoft and Google will today be releasing updates to Internet Explorer 10+ and Chrome in order to patch the Flash Players embedded in them.

These vulnerabilities are rated as critical, and the presence of one which is being exploited means that this update is high-priority.

Adobe Reader and Acrobat bulletin APSB14-28 describes twenty vulnerabilities affecting the Windows and Mac versions of the products. The company says they have no reports of exploits in the wild, but the vulnerabilities have serious implications and are rated critical.

Users of Acrobat X or Reader X versions 10.1.12 and earlier for Windows or Mac should update to version 10.1.13. Users of Acrobat XI or Reader XI versions 11.0.09 and earlier for Windows or Mac should update to version 11.0.10.

These products can be updated by the user through the update option in the Help menu or via the Adobe Downloads page.

Finally, ColdFusion bulletin APSB14-29 describes a single resource consumption bug which could result in denial of service. The problem affects both ColdFusion versions 10 and 11, but not version 9.

ColdFusion 10 users can update at this link. ColdFusion 11 users can update at this link.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All