Adobe has released updates to Flash Player, Acrobat, Reader and ColdFusion to address vulnerabilities. The company says that they have reports to the effect that one of the vulnerabilities in Flash Player is being exploited in the wild.
describes six vulnerabilities affecting versions 188.8.131.52 and earlier in the 15.x branch, versions 184.108.40.2068 and earlier 13.x versions and versions 220.127.116.114 and earlier versions for Linux. Flash Player bulletin APSB14-27
Click here to check your Flash Player version.
Windows and Mac users should update to version 18.104.22.168. Users of the Extended Support Release should update to version 22.214.171.1249. Linux should update to Adobe Flash Player 126.96.36.1995.
Microsoft and Google will today be releasing updates to Internet Explorer 10+ and Chrome in order to patch the Flash Players embedded in them.
These vulnerabilities are rated as critical, and the presence of one which is being exploited means that this update is high-priority.
Adobe Reader and Acrobat bulletin APSB14-28 describes twenty vulnerabilities affecting the Windows and Mac versions of the products. The company says they have no reports of exploits in the wild, but the vulnerabilities have serious implications and are rated critical.
Users of Acrobat X or Reader X versions 10.1.12 and earlier for Windows or Mac should update to version 10.1.13. Users of Acrobat XI or Reader XI versions 11.0.09 and earlier for Windows or Mac should update to version 11.0.10.
These products can be updated by the user through the update option in the Help menu or via the Adobe Downloads page.
Finally, ColdFusion bulletin APSB14-29 describes a single resource consumption bug which could result in denial of service. The problem affects both ColdFusion versions 10 and 11, but not version 9.