Tanzania Computer Emergency Response Team
Adobe has released security updates for Flash Player, ColdFusion and Flex. These updates address critical vulnerability that could potentially allow an attacker to take control of the affected system or lead to reflected cross-site scripting.
Affected software versions are:-
(a) Adobe Flash Player 17.0.0.134 and earlier versions
(b) Adobe Flash Player 13.0.0.277 and earlier 13.x versions
(c) Adobe Flash Player 11.2.202.451 and earlier 11.x versions
(d) ColdFusion 11 and 10
(e) Adobe Flex 4.6 and earlier versions
The following update is available:-
(a) Adobe Flash Player desktop runtime for Windows and Macintosh update to Adobe Flash Player 17.0.0.169
(b) Adobe Flash Player Extended Support Release should update to version 13.0.0.281.
(c) Adobe Flash Player for Linux update to Adobe Flash Player 11.2.202.457
(d) Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 17.0.0.169.
(e) Adobe Flash Player installed with Internet Explorer for Windows 8.x will be automatically updated to the latest version when available, which will include Adobe Flash Player 17.0.0.169.
Users and administrators are encouraged to review the Adobe Security Bulletins and apply the necessary updates.