Adobe issues Flash security update

Summary:A fix for Flash Player addresses four security problems. Windows, Mac and Linux users are all vulnerable.

Adobe has released security updates for Flash Player on Windows, Mac and Linux.

Flash.Player
Click on image to install current version of Adobe Flash Player

The update addresses four security vulnerability described by Adobe in this way:

  • A use-after-free vulnerability that could result in arbitrary code execution (CVE-2014-0506)
  • A buffer overflow vulnerability that could result in arbitrary code execution (CVE-2014-0507)
  • A security bypass vulnerability that could lead to information disclosure (CVE-2014-0508)
  • A cross-site-scripting vulnerability (CVE-2014-0509)

Most users can get their software update at get.adobe.com/flashplayer. Google Chrome and Internet Explorer 10/11 Metro users will get an update from those companies.

This table tells which version you should get and where you should get it depending on your Flash Player version and operating system:

Affected Software Recommended Player Update Availability
Flash Player 12.0.0.77 and earlier versions for Windows and Macintosh 13.0.0.182 Flash Player Download Center
Flash Player 12.0.0.77 and earlier versions (network distribution) 13.0.0.182 Flash Player Licensing
Flash Player 11.2.202.346 and earlier for Linux 11.2.202.350 Flash Player Download Center
Flash Player 12.0.0.77 and earlier for Chrome (Windows, Macintosh and Linux) 13.0.0.182 Google Chrome Releases
Flash Player 12.0.0.77 and earlier in Internet Explorer 10 for Windows 8.0 13.0.0.182 Microsoft Security Advisory
Flash Player 12.0.0.77 and earlier in Internet Explorer 11 for Windows 8.1 13.0.0.182 Microsoft Security Advisory
AIR 4.0.0.1628 and earlier for Android 13.0.0.83 Google Play
AIR 4.0.0.1628 SDK & Compiler 13.0.0.83 AIR SDK Download
AIR 4.0.0.1628 SDK 13.0.0.83 AIR SDK Download

Topics: Security

About

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of sec... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.