SecurityGarden

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Friday, June 8, 2012

Adobe Flash Player Security Update

Posted on 3:18 PM by Unknown

Adobe Flash Player was updated to address critical security vulnerabilities.
Note that beginning with Adobe Flash Version 11.3, the universal 32-bit installer includes the 32-bit and 64-bit versions of the Flash Player.  Additionally, the separate 32-bit and 64-bit uninstallers have been replaced with a single uninstaller.
Three security improvements were included in the release of Flash Player 11.3.  From the ASSET Blog, linked below:
  • Flash Player Protected Mode (“sandboxing”) is now available for Firefox users on Windows.  (Note:  As explained in the ASSET Blog, Protected Mode for Firefox is not available on Windows XP.) 
  • For Mac users, this release will include the background updater for Mac OS X.
  • This release and all future Flash Player releases for Mac OS X will be signed with an Apple Developer ID, so that Flash Player can work with the new Gatekeeper technology for Mac OS X Mountain Lion (10.8).

Update Information

The newest version for Windows, Macintosh, Linux and Solaris is 11.3.300.257. (Edit Note:  Solaris was not included in this update.)

Release date: June 8, 2012
Vulnerability identifier: APSB12-14
Priority: See table below
CVE number: CVE-2012-2034, CVE-2012-2035, CVE-2012-2036, CVE-2012-2037, CVE-2012-2038, CVE-2012-2039, CVE-2012-2040
Platform: All Platforms

Priority and Severity ratings

Adobe categorizes these updates with the following priority ratings and recommends users update their installations to the newest versions:
Product
Updated Version
Platform
Priority Rating
Adobe Flash Player 11.3.300.257 Windows and Macintosh
2

11.2.202.236 Linux
3

11.1.115.9 Android 4.x
3

11.1.111.10 Android 3.x and 2.x
3
Adobe AIR 3.3.0.3610 Windows, Macintosh, and Android
3

These updates will address critical vulnerabilities in the software.

Flash Player Update Instructions


Flash Player for Windows, Macintosh, Linux and Solaris

Although Adobe suggests downloading the update from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted, if you prefer, direct download links are available.
  • Flash Player For Internet Explorer:  http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_active_x.exe
  • Non-IE (Opera, Firefox, Etc.):  http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_plugin.exe
  • Flash Player Uninstaller:  http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe
(H/T ky331 for the correct Uninstaller link!)

    Notes:
    • Beginning with Adobe Flash Version 11.3, the universal 32-bit installer will include the 32-bit and 64-bit versions of the Flash Player.  
    • If you use the Adobe Flash Player Download Center, be careful to uncheck the optional McAfee Security Plus box.  It is not needed for the Flash Player update.
    • Uncheck any toolbar offered with Adobe products if not wanted.
    • If you use alternate browsers, it is necessary to install the update for both Internet Explorer as well as the update for alternate browsers.
    • The separate 32-bit and 64-bit uninstallers have been replaced with a single uninstaller.
    Adobe Flash Player for Android

    The latest version for Adobe Flash Player for Android is available by downloading it from the Android Marketplace by browsing to it on a mobile phone.

    Verify Installation

    To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu. 

    Do this for each browser installed on your computer.

    To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.

    When Adobe Flash Player is updated, it is recommended that Adobe AIR version be checked as well.  Go to Adobe AIR Help to determine the version of Adobe AIR runtime installed.  The current version of Adobe AIR is 3.3.0.3610.

    References


    • Adobe Priority Ratings
    • Adobe Security Advisory: Security update available for Adobe Flash Player
    • Adobe PSIRT Blog: Security Update for Adobe Flash Player (APSB12-14)
    • ASSET Blog:  Flash Player 11.3 delivers additional security capabilities for Mac and Firefox users





    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...

    Email ThisBlogThis!Share to XShare to Facebook
    Posted in Adobe, Security, Updates, Vulnerabilities | No comments
    Newer Post Older Post Home

    0 comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)

    Popular Posts

    • Security Bulletin Advance Notice for August, 2013
      On Tuesday, August 13, 2013, Microsoft is planning to release eight (8) bulletins.  Three of the bulletins are identified as Critical with f...
    • Critical Out-of-Band Update Released for MS10-046
      Microsoft released Security Bulletin MS10-046 out-of-band to address a vulnerability in Windows. The security update is identified as crit...
    • Hotmail Security to Protect and Recover Your Account
      Time and time again I see reports from Hotmail users who have lost control of their e-mail account.  As explained by Walter Harp, Director o...
    • Long Awaited Outlook.com Calendar Refresh Rollout
      The long-awaited Outlook.com calendar refresh has been released and is in the process of being rolled out. Because the servers are grouped i...
    • Microsoft Security Advisory 2269637 Released
      Microsoft released Security Advisory 2269637 which relates to a remote attack vector to a class of vulnerabilities affecting applications t...
    • Oracle Java Update
      Oracle released the Java SE 7u40 today.  In addition to bug fixes and enhancements, the update includes the following: advanced monitoring ...
    • Adobe Reader Security Updates
      Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.03) and earlier versions for Windows and Macintosh. Adobe identif...
    • Advance Notice: Security Updates for Java SE
      The Sun Security Blog published the following update announcement: "On November 3, 2009, Sun will release the following security update...
    • Adobe Flash Player and Adobe Air Security Updates
      Adobe released updates to both Adobe Flash Player and Adobe AIR to correct a critical vulnerability in both products. From the Adobe Securi...
    • Waledac Botnet Takedown
      The Waledac botnet had the capability of sending 1.5 billion spam e-mails per day. During a three-week period in December, 2009, approximat...

    Categories

    • Adobe
    • Advisory
    • Amero
    • AntiVirus
    • Apple
    • Ask
    • AVG
    • Bing
    • Browser
    • Child Safety
    • email
    • ESET
    • Ethics
    • Facebook
    • Firefox
    • Firewall
    • FixIt
    • Fraud
    • General
    • Google
    • Hotmail
    • IE10
    • IE6
    • IE7
    • IE8
    • IE9
    • Java
    • Lavasoft
    • malware
    • Microsoft
    • Microsoft Apps
    • Mozilla
    • MVP
    • NCSAM
    • Office
    • Office 2007
    • Office 2010
    • Opera
    • Outlook.com
    • Phishing
    • Privacy
    • safety
    • Search
    • Security
    • Service Pack
    • SkyDrive
    • Skype
    • Software
    • SP1
    • sp2
    • SP3
    • Spotlight
    • Sumatra
    • tutorial
    • UAC
    • Updates
    • Vulnerabilities
    • Windows
    • Windows 7
    • Windows 8
    • Windows Live
    • Windows Live OneCare
    • Windows Vista
    • Windows XP
    • WinPatrol

    Blog Archive

    • ►  2013 (93)
      • ►  October (2)
      • ►  September (8)
      • ►  August (9)
      • ►  July (5)
      • ►  June (8)
      • ►  May (7)
      • ►  April (15)
      • ►  March (9)
      • ►  February (16)
      • ►  January (14)
    • ▼  2012 (98)
      • ►  December (7)
      • ►  November (6)
      • ►  October (11)
      • ►  September (5)
      • ►  August (10)
      • ►  July (8)
      • ▼  June (12)
        • Microsoft .NET Framework Repair Tool
        • Firefox 'New Tab' Feature Exposes Secure Information
        • Adobe Flash Player "Plug-in Version" Updated
        • Mozilla Firefox 13.0.1 Addresses Adobe Flash Crashes
        • Microsoft Security Advisory 2719615 + Fix it Solution
        • Oracle Java SE Critical Security Update
        • Microsoft June 2012 Security Bulletin Release
        • Flash Player Update Causes Firefox Crashes
        • Adobe Flash Player Security Update
        • Security Bulletin Advance Notice for June
        • Mozzila Firefox 13 Released With Critical Security...
        • Security Advisory & Update Related to Flame
      • ►  May (7)
      • ►  April (12)
      • ►  March (6)
      • ►  February (6)
      • ►  January (8)
    • ►  2011 (130)
      • ►  December (8)
      • ►  November (10)
      • ►  October (7)
      • ►  September (12)
      • ►  August (9)
      • ►  July (6)
      • ►  June (13)
      • ►  May (14)
      • ►  April (13)
      • ►  March (15)
      • ►  February (10)
      • ►  January (13)
    • ►  2010 (146)
      • ►  December (10)
      • ►  November (15)
      • ►  October (19)
      • ►  September (15)
      • ►  August (14)
      • ►  July (8)
      • ►  June (19)
      • ►  May (5)
      • ►  April (11)
      • ►  March (6)
      • ►  February (14)
      • ►  January (10)
    • ►  2009 (33)
      • ►  December (11)
      • ►  November (11)
      • ►  October (11)
    Powered by Blogger.

    About Me

    Unknown
    View my complete profile