Adobe today released security updates for Flash Player, AIR, Shockwave Player, Acrobat and Reader. The updates for Flash Player and Shockwave Player on Windows and Mac address a vulnerability which Adobe classifies as Priority 1, which indicates that it is being exploited in the wild at a high risk of exploit.
The updated versions of Flash Player on Windows and Mac are 11.8.800.168 and 11.7.700.242. Earlier 11.7 and 11.8 versions are vulnerable. Updates are also available for Flash Player on Linux and Android, as well as Adobe AIR and the Adobe AIR SDK. These are not as severe and updating is not as high a priority.
The updates for Reader and Acrobat are classified as less urgent. They are important vulnerabilities, but not being exploited.
The affected versions of Flash and AIR are:
The affected versions of Adobe Reader and Acrobat are:
Users can update to the latest version of Adobe Flash Player at http://get.adobe.com/flashplayer. Users can update Adobe Reader and Acrobat from the Help menu ("Check for Updates...")
(Correction: An earlier version of this story stated that the Flash and Shockwave updates were being exploited in the wild. They are not; they are at a high risk of exploit.)