Each, year, Adobe Flash Player has been flooded with vulnerabilities which expose computer systems to malware and virus attacks, one of which was the recent Windows malware that passed itself as Adobe Flash Player on MacOS. This problem was immediately resolved and just recently, Adobe released seven critical security vulnerability patches to ensure potential attacks are prevented.
It is not a secret that for the past months, web browsers have expressed ending support for Flash, including Firefox and Google Chrome soon. However, many mainstream websites will not run multimedia without the Flash, so getting rid of this software application will not also be an easy decision. In the meantime, Adobe is on-the-double to strengthen its security.
Along Came Security Patches
Since flaws in arbitrary code executions can lead to a nightmare for users who leave their computer systems vulnerable from using older Flash versions, Adobe recommends immediate updates for several platforms which are covered in the latest version of the software.
The affected versions include Windows, Macintosh and Linux, specifically the Adobe Flash Player Desktop Runtimes with version 188.8.131.52 for Windows and Linux as well as the older ones. Conversely, for Mac users, these are versions 184.108.40.206 and earlier.
For users of Adobe Flash Player for Google Chrome, these will be the versions 220.127.116.11 and older for Windows, Linux, Android and iOS. Meanwhile, for Windows 8.1 and 10 with Adobe Flash Player for Microsoft Edge and Internet Explorer 11, the versions in question are 18.104.22.168 and earlier.
Use-after-free Vulnerability Bug
This is another issue Adobe is working on, along with the six memory errors Adobe Flash Player users can fall prey to. The so-called bug is responsible for the permission of remote code execution. Uncovered by security researchers at Tencent KeenLab and Google’s Project Zero, this bug faces a fix with the update. One factor to take note of, though, is that Adobe is hands off in terms of paying errors discovered by third-party security researchers as opposed to the practices of Google and Microsoft.
The bug can result to code execution which can allow hackers and online predators to take control of the affected computers.
- Code Execution (CVE – 2017-3071)
- Memory Corruption Vulnerabilities with Code Executions (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074)
With the current updates already rolled out and users can check if they already have the latest Adobe Flash Player versions via verification from the About Page of Adobe Flash Player. And if the Flash is running when user decides to verify, it can be down with a simple Right-click action.
The latest update versions include Adobe Flash Player version 22.214.171.124 for Macintosh, Linux, Chrome OS and Windows. However, there is no need to update if you are using Google Chrome since updates are automatic and along with it is the update for the Flash.
For Microsoft Edge and Internet Explorer running on Window 8.1 and 10, updates for the Adobe Flash Player are also automatic while Windows, Macintosh, Windows and Linux are also getting updates for Adobe Flash Player Desktop Runtime version 126.96.36.199.
By using the latest version of the Flash, you ensure your desktops and devices are kept from harmful online attacks. Be on the lookout for the latest versions and read more on why you need to enable automatic updates in Adobe Flash Player.