Adobe's final patch update this year: 78 bugs squashed

Adobe has issued its last 2015 security update, fixing a total of 78 security vulnerabilities.

screen-shot-2015-12-09-at-13-29-24.png

Adobe has issued the company's last security update which patches a total of 78 CVE vulnerabilities in Flash Player, seven of which are deemed high-risk.

The software giant has recently renamed its Flash Professional product to Animate, no doubt to distance the product from the bug-riddled and somewhat untrustworthy Flash Player, but a simple renaming of the product family, unfortunately, does not erase security flaws.

In the last patch round scheduled for this year, Adobe's latest set of security updates are specially targeted at Adobe Flash Player and address issues which "could potentially allow an attacker to take control of the affected system," according to the software developer.

Adobe Flash Player Desktop Runtime versions 19.0.0.245 and earlier, Adobe Flash Player Extended Support Release 18.0.0.261 and earlier, Adobe Flash Player for Google Chrome versions 19.0.0.245 and earlier on Windows, Mac, Linux and ChromeOS systems are all affected.

In addition, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 19.0.0.245 and earlier on Windows 10, Adobe Flash Player for Internet Explorer 10 and 11 versions 19.0.0.245 and earlier on Windows 8.0 and 8.1 and Adobe Flash Player for Linux versions 11.2.202.548 and earlier are all subjects of this round of patch updates.

AIR Desktop Runtime versions 19.0.0.241 and earlier, AIR SDK 19.0.0.241 and earlier, AIR SDK & Compiler 19.0.0.24 and AIR for Android versions 19.0.0.241 and earlier are impacted.

The security flaws fixed in this update include security bypass vulnerabilities, heap buffer overflow bugs, a dozen memory corruption vulnerabilities, stack overflow weaknesses and dozens of use-after-free vulnerabilities that could lead to remote code execution.

Researchers from Google Project Zero, HP's Zero Day Initiative, the Chromium Vulnerability Rewards Program and Qihoo 360 contributed to the update, among others.

In October, Adobe patched a total of 23 vulnerabilities in Flash Player which were deemed critical, as well as patching bugs in software including AIR Desktop Runtime, AIR SDK & compiler and AIR for Android.

Read on: Top picks