Adobe has issued security fixes addressing 12 vulnerabilities affecting its Flash Player and AIR for Windows, Macintosh and Linux platforms.
A number of the bugs patched were classified as critical, which if exploited could allow an attacker to execute malicious code on a machine. Vulnerable versions of Flash Player for Windows and Macintosh systems include 184.108.40.206 and earlier, as well as 220.127.116.11 and earlier, according to a recent Adobe Security Bulletin.
Flash Player 18.104.22.168 and earlier versions for Google Chrome on all platforms, including Linux, should be updated. The AIR updates affect versions 22.214.171.124 on Windows and Macintosh platforms, as well as iOS devices, while version 126.96.36.199 should be updated on Android devices.
The updates address security bypass, use-after-free, memory corruption, heap buffer overflow, same origin policy and memory leakage vulnerabilities.