Adobe Flash Vulnerabilities


Date: December 10, 2009
To:  The U of U Campus Community
From:    Office of Information Technology and the Information Security Office
Subject: Adobe Flash Vulnerabilities

 

Adobe recently released Security bulletin APSB09-19, identifying critical vulnerabilities affecting Adobe Flash Player version 10.0.32.18 and earlier and also Adobe AIR version 1.5.2 and earlier. According to the bulletin, "These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system."

Recommendations

  • If you are using Adobe Flash Player 10.0.32.18 and earlier, Adobe recommends that you update to Adobe Flash Player 10.0.42.34.
  • If you are using Adobe AIR version 1.5.2 and earlier, Adobe recommends that you update to Adobe AIR 1.5.3.

 

Technical Resources:

Adobe Flash: Use the University's Media Player Help page to update your version of Adobe Flash Player. 

Or you can update by going to the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted.

Adobe AIR: Adobe recommends all users of Adobe AIR version 1.5.2 and earlier update to the newest version 1.5.3 by downloading it from the Adobe AIR Download Center.

 

For More

US-Cert Cyber Alert: http://www.us-cert.gov/cas/techalerts/TA09-343A.html