Adobe ships 'critical' patch for Flash Player

Adobe ships 'critical' patch for Flash Player

Summary: Adobe said Thursday that it is shipping a highly critical patch to address multiple vulnerabilities that could affect Windows, Mac and Linux machines.The update addresses at least nine flaws--CVE-2007-6242, CVE-2007- 4768, CVE-2007-5275, CVE-2007- 6243, CVE-2007- 6244, CVE-2007- 6245, CVE-2007-4324, CVE-2007- 6246, CVE-2007-5476--across all platforms.

SHARE:

Adobe said Thursday that it is shipping a highly critical patch to address multiple vulnerabilities that could affect Windows, Mac and Linux machines.

The update addresses at least nine flaws--CVE-2007-6242, CVE-2007- 4768, CVE-2007-5275, CVE-2007- 6243, CVE-2007- 6244, CVE-2007- 6245, CVE-2007-4324, CVE-2007- 6246, CVE-2007-5476--across all platforms. Versions affected include Adobe Flash Player 9.0.48.0 and earlier, 8.0.35.0 and earlier, and 7.0.70.0 and earlier.

Adobe, which recommends that everyone updgrade to the new player, says an attacker could use those aforementioned vulnerabilities to take control of a system.

Two of the nine vulnerabilities are "input validation errors" that could "lead to the potential execution of arbitrary code." Adobe adds:

"These vulnerabilities could be accessed through content delivered from a remote location via the user’s web browser, email client, or other applications that include or reference the Flash Player."

More details can be found in Adobe's security bulletin.

Topics: Enterprise Software, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • Yet still no 64 bit version

    I guess they are to busy squashin bugs/threats in their 32 bit code to pay any attention to those of us running 64bit....
    Hamlet_z
  • The most critical flaw affects Linux users

    The Linux update for Flash Player addresses a memory permissions issue that could lead to privilege escalation. (CVE-2007-6246)
    qmlscycrajg
  • RE: Adobe ships 'critical' patch for Flash Player

    If you try to update Firefox to the latest release of the Flash player and it doesn't work, then read my CNET blog. I had lots of problems doing this, but eventually found the problem.

    Problems updating the Flash player in Firefox
    http://blogs.cnet.com/defensive-computing/8301-13554_1-9837353-33.html
    Michael Horowitz