Patch/Configuration Management, Vulnerability Management

Adobe updates Flash Player and AIR, fixes 35 bugs

Adobe released Flash Player and AIR updates on Tuesday that address 35 bugs, some of which could be exploited by an attacker to take control of a vulnerable system.

Windows and Macintosh users should update Flash Player to version, and those running Linux systems should update to, according to a Tuesday release. AIR Desktop Runtime, AIR SDK and AIR SDK & Compiler have been updated to for all platforms.

Nearly every vulnerability addressed by Adobe could lead to code execution – that includes 15 use-after-free vulnerabilities, eight memory corruption vulnerabilities, five type confusion vulnerabilities, and five buffer overflow and heap buffer overflow bugs, as well as an integer overflow flaw.  

According to the release, “These updates include further hardening to a mitigation introduced in version to defend against vector length corruptions (CVE-2015-5125).”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.