Adobe Updates Flash Player 12 to Address Two Vulnerabilities


Flash Player updated to fix 2 vulnerabilities

Adobe has released updates for Flash Player 12.0.0.70 for Windows and Mac, and Flash Player 11.2.202.341 for Linux to address a couple of security holes.

The company advises all users of Adobe Flash Player 12.0.0.70 and earlier versions for Windows and Mac to update their installations to version 12.0.0.77. Linux users who still utilize version 11.2.202.341 and earlier are advised to update to Flash Player 11.2.202.346.

The updates address two vulnerabilities. The first one has the CVE identifier CVE-2014-0503 and it refers to a flaw that could be exploited to bypass the same origin policy. The second issue, CVE-2014-0504, could be leveraged to read the contents of the clipboard.

The same origin policy bypass vulnerability has been identified by Masato Kinugawa. The other security hole has been discovered and reported by Jordan Milne.

Adobe says that Flash Player 12.0.0.70 installed with Chrome, Internet Explorer 10 and Internet Explorer 11 will be updated automatically to the latest version.

Flash Player vulnerabilities are often abused by cybercriminals in their operations. Back in February, Adobe released an emergency update to fix a zero-day that had been exploited in the wild as part of a campaign dubbed “Operation GreedyWonk”.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s