Adobe patches remote code execution and keylogging flaws in Flash Player

Some of the vulnerabilities allow attackers to take full control of users' systems

Adobe Systems fixed nine vulnerabilities in Flash Player that allow attackers to record users' keystrokes or take complete control of their computers.

These are Flash Player updates you'll want to install, unlike the malicious one served from the North Korean news agency site.

The updates, Flash Player 16.0.0.257 for Windows and Mac and Flash Player 11.2.202.429 for Linux, address seven remote code execution vulnerabilities, an information disclosure flaw that can be exploited to capture keystrokes and a lower-risk file validation issue.

The company also included the fixes in its Flash Player Extended Support Release (ESR), an older Flash Player version used by organizations that prefer stability over new functionality. The updated ESR version is 13.0.0.260.

Users of Google Chrome and Internet Explorer on Windows 8 or 8.1 will automatically receive the Flash Player updates through the update mechanisms of those browsers.

Adobe AIR, a framework for developing and running rich Internet applications, has also been updated because it bundles Flash Player. The AIR desktop runtime was updated to version 16.0.0.245, the AIR SDK (Software Development Kit) and Compiler were updated to version 16.0.0.272 and Adobe AIR for Android was updated to version 16.0.0.272.

Outdated Flash Player browser plug-ins are a common target in drive-by download attacks that install malware through silent exploits hosted on compromised websites. Users should always make sure they're running the latest versions of Flash Player, Java, Silverlight, Adobe Reader and other programs that install browser plug-ins.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags patch managementonline safetypatchesAdobe SystemsExploits / vulnerabilities

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Lucian Constantin

Lucian Constantin

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?