Adobe patches Business Logic error in Flash

This Patch Tuesday is minimal, with only one bug resolved.

A brief history of Adobe Flash Adobe acquired Macromedia in 2005. - In 2007, Adobe introduced Flash as a way to add interactivity to websites. - In a world of HTML5 standards, Flash usage has declined. - Chrome, Microsoft Edge, and Safari have all been blocking Flash over the past year. - Adobe is killing off Flash once and for all. - It will remove support for it fully by the end of 2020.

Video: A brief history of Adobe Flash

In a rare turn of events, Adobe has only needed to resolve one vulnerability during December's Patch Tuesday.


According to the tech giant's security advisory, the lone "Business Logic error" bug, CVE-2017-11305, is a moderately dangerous vulnerability.

"This update addresses a regression that could lead to the unintended reset of the global settings preference file," Adobe says.

The vulnerability impacts Adobe Flash and Adobe Flash for Google Chrome on Windows, Mac, Linux, and Chrome OS, as well as Adobe Flash for Microsoft Edge and Internet Explorer 11 on Windows 8.1 and 10.

Granted a priority rating of 2, Adobe has not received reports of the vulnerability being exploited in the wild.

See also: Adobe accidentally releases private PGP key

In November, Adobe patched 67 vulnerabilities, many of them critical. The bugs impacted Adobe Flash, Acrobat, and Reader, as well as other software.

In total, five vulnerabilities were fixed in Flash, all of which were deemed critical. The out-of-bounds read and use-after-free security flaws, if exploited, could lead to remote code execution.

Cross-site scripting (XSS) vulnerabilities, type confusion issues, buffer problems, and memory corruption vulnerabilities were also fixed in other software.

In the same Patch Tuesday, Microsoft issued fixes for over 30 vulnerabilities in software including the Microsoft Windows operating system, Microsoft Office, Exchange Server, and Microsoft Edge.

Related stories