Adobe ships 'critical' patch for Flash Player

Adobe said Thursday that it is shipping a highly critical patch to address multiple vulnerabilities that could affect Windows, Mac and Linux machines.The update addresses at least nine flaws--CVE-2007-6242, CVE-2007- 4768, CVE-2007-5275, CVE-2007- 6243, CVE-2007- 6244, CVE-2007- 6245, CVE-2007-4324, CVE-2007- 6246, CVE-2007-5476--across all platforms.

Adobe said Thursday that it is shipping a highly critical patch to address multiple vulnerabilities that could affect Windows, Mac and Linux machines.

The update addresses at least nine flaws--CVE-2007-6242, CVE-2007- 4768, CVE-2007-5275, CVE-2007- 6243, CVE-2007- 6244, CVE-2007- 6245, CVE-2007-4324, CVE-2007- 6246, CVE-2007-5476--across all platforms. Versions affected include Adobe Flash Player 9.0.48.0 and earlier, 8.0.35.0 and earlier, and 7.0.70.0 and earlier.

Adobe, which recommends that everyone updgrade to the new player, says an attacker could use those aforementioned vulnerabilities to take control of a system.

Two of the nine vulnerabilities are "input validation errors" that could "lead to the potential execution of arbitrary code." Adobe adds:

"These vulnerabilities could be accessed through content delivered from a remote location via the user’s web browser, email client, or other applications that include or reference the Flash Player."

More details can be found in Adobe's security bulletin.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All