Update Flash, Shockwave ASAP! Adobe also patches Acrobat and Reader

Summary:(Correction:) Surprise updates to Adobe Flash Player and Shockwave Plaer address critical vulnerabilities at high risk of exploit. Less urgent, but still serious updates for Adobe Acrobat and Reader are also available.

Adobe today released security updates for Flash Player, AIRShockwave PlayerAcrobat and Reader. The updates for Flash Player and Shockwave Player on Windows and Mac address a vulnerability which Adobe classifies as Priority 1, which indicates that it is being exploited in the wild at a high risk of exploit.

The updated versions of Flash Player on Windows and Mac are 11.8.800.168 and 11.7.700.242. Earlier 11.7 and 11.8 versions are vulnerable. Updates are also available for Flash Player on Linux and Android, as well as Adobe AIR and the Adobe AIR SDK. These are not as severe and updating is not as high a priority.

The updates for Reader and Acrobat are classified as less urgent. They are important vulnerabilities, but not being exploited.

The affected versions of Flash and AIR are:

  • Adobe Flash Player 11.8.800.94 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.297 and earlier versions for Linux
  • Adobe Flash Player 11.1.115.69 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.64 and earlier versions for Android 3.x and 2.x
  • Adobe AIR 3.8.0.870 and earlier versions for Windows and Android
  • Adobe AIR 3.8.0.910 and earlier versions for Macintosh
  • Adobe AIR 3.8.0.870 SDK & Compiler and earlier versions for Windows
  • Adobe AIR 3.8.0.910 SDK & Compiler and earlier versions for Macintosh

The affected versions of Adobe Reader and Acrobat are:

  • Adobe Reader and Acrobat X (10.1.7) and earlier versions for Windows and Macintosh
  • Adobe Reader and Acrobat XI (11.0.03) and earlier versions for Windows and Macintosh

Users can update to the latest version of Adobe Flash Player at http://get.adobe.com/flashplayer. Users can update Adobe Reader and Acrobat from the Help menu ("Check for Updates...")

(Correction: An earlier version of this story stated that the Flash and Shockwave updates were being exploited in the wild. They are not; they are at a high risk of exploit.)

Topics: Security

About

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of sec... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.