Adobe Issues Critical Security Updates
The US Cert website reported that Adobe issued critical a security update for Adobe Flash Player. The security update is considered critical. The Flash Player versions are versions 18.104.22.168 and earlier.
The updates apply to Adobe Flash Player Desktop Runtime on Windows, Linux, and Macintosh; To Adobe Flash Player for Google Chrome on Windows, Macintosh, Linux, and Chrome OS; To Adobe Flash Player for Microsoft Edge and Internet Explorer 11 for Windows 10 and Windows 8.1
Until updated, Flash is subject to exploitation by hackers who could execute code on an unpatched machine.
Users who have automatic updates enabled will receive the update automatically. If automatic updates are not enabled the users can accept the update when prompted by the app.
Adobe also released another security update, this time for Adobe Dreamweaver CC. This update is also considered critical. The security patch fixes a vulnerability in the operating system that allows hackers to execute malicious code without the user’s knowledge. This security update applies to Adobe Dreamweaver CC version 18.0 and earlier on Windows machines.
Adobe released a priority 3 security update for Adobe Connect. This update resolves an unrestricted SWF file upload vulnerability which could be exploited by hackers to conduct cross-site scripting attacks. It also patches an OS command injection vulnerability in the Adobe Connect URI handler on Windows. If left unpatched, the vulnerability could result in unintended arbitrary local file removal or forced uninstall of the application.