SecurityGarden

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Tuesday, February 12, 2013

Another Critical Adobe Update, Includes Flash Player, AIR and Shockwave

Posted on 11:30 AM by Unknown
Adobe
Although a critical security update was released for Adobe Flash Player just last week, yet another critical security update has been released today.

The updates released are for Adobe Flash Player, Adobe AIR and Adobe Shockwave Player. Details and update instructions are included below.



Adobe Flash Player was again updated to address critical security vulnerabilities.  These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Update Information

The newest versions are as follows:

ProductUpdated versionPlatformPriority rating
Adobe Flash Player11.6.602.168Windows1

11.6.602.167Macintosh2

11.2.202.270Linux3

11.1.115.37Android 4.x3

11.1.111.32Android 3.x and 2.x3
Adobe AIR3.6.0.597Windows, Macintosh and Android3
Adobe AIR SDK3.6.0.599Windows, Macintosh and Android3


Release date: February 12, 2013
Vulnerability identifier: APSB13-05
Priority: Critical
CVE number: CVE-2013-1372, CVE-2013-0645, CVE-2013-1373, CVE-2013-1369, CVE-2013-1370, CVE-2013-1366, CVE-2013-0649, CVE-2013-1365, CVE-2013-1374, CVE-2013-1368, CVE-2013-0642, CVE-2013-0644, CVE-2013-0647, CVE-2013-1367, CVE-2013-0639, CVE-2013-0638, CVE-2013-0637
Platform: All Platforms

Flash Player Update Instructions


Flash Player for Windows, Macintosh and Linux

Although Adobe suggests downloading the update from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted, if you prefer, direct download links are available.
  • Non-IE (Opera, Firefox, Etc.):  http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_plugin.exe
     
  • Flash Player For Internet Explorer 7, 8 & 9:  http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_active_x.exe

    Flash Player for Internet Explorer 10    : Microsoft updated Security Advisory 2755801.  If you do not have Automatic Updates enabled, the Flash Player update can be downloaded from the Download Center at Update for Internet Explorer Flash Player for Windows 8 Release Preview (KB2758994).

  • Flash Player Uninstaller:  http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe

    Notes:
    • For Adobe AIR see Determine version | Adobe AIR runtime. 
    • Beginning with Adobe Flash Version 11.3, the universal 32-bit installer will include the 32-bit and 64-bit versions of the Flash Player.  
    • If you use the Adobe Flash Player Download Center, be careful to uncheck the optional McAfee Security Plus box.  It is not needed for the Flash Player update.
    • Uncheck any toolbar offered with Adobe products if not wanted.
    • If you use alternate browsers, it is necessary to install the update for both Internet Explorer as well as the update for alternate browsers.
    • The separate 32-bit and 64-bit uninstallers have been replaced with a single uninstaller.
    Adobe Flash Player for Android

    The latest version for Adobe Flash Player for Android is available by downloading it from the Android Marketplace by browsing to it on a mobile phone.

    Verify Installation

    To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu. 

    Do this for each browser installed on your computer.

    To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.

    Shockwave Player
    The update to Adobe Shockwave Player for both Windows and Macintosh systems addresses vulnerabilities that could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.
    Release date: February 12, 2013
    Vulnerability identifier: APSB13-06
    Priority: Critical
    CVE number: CVE-2013-0635, CVE-2013-0636
    Platform: Windows and Macintosh

    Update Information

    The newest version of Shockwave Player 12.0.0.112 is available here:  http://get.adobe.com/shockwave/.

    Notes:
    • Please remember to uncheck any unwanted 3rd party toolbars or other programs during installation. 
    • For information on how to disable the auto-update setting in Shockwave Player, see http://kb2.adobe.com/cps/166/tn_16683.html.  (This must be set every time Shockwave Player is updated if you do not want auto-updating.)

    Verify Installation

    To test the Adobe Shockwave Player installation on your computer, go to the Test Authorware Web Player page.

    References


    • Adobe Priority Ratings
    • Adobe Security Advisory: Security updates available for Adobe Flash Player 
    • Security updates available for Adobe Shockwave Player
    • Release Notes:  Flash Player® 11.5 AIR® 3.5





    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...

    Email ThisBlogThis!Share to XShare to Facebook
    Posted in Adobe, Security, Updates, Vulnerabilities | No comments
    Newer Post Older Post Home

    0 comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)

    Popular Posts

    • Security Bulletin Advance Notice for August, 2013
      On Tuesday, August 13, 2013, Microsoft is planning to release eight (8) bulletins.  Three of the bulletins are identified as Critical with f...
    • Critical Out-of-Band Update Released for MS10-046
      Microsoft released Security Bulletin MS10-046 out-of-band to address a vulnerability in Windows. The security update is identified as crit...
    • Hotmail Security to Protect and Recover Your Account
      Time and time again I see reports from Hotmail users who have lost control of their e-mail account.  As explained by Walter Harp, Director o...
    • Long Awaited Outlook.com Calendar Refresh Rollout
      The long-awaited Outlook.com calendar refresh has been released and is in the process of being rolled out. Because the servers are grouped i...
    • Microsoft Security Advisory 2269637 Released
      Microsoft released Security Advisory 2269637 which relates to a remote attack vector to a class of vulnerabilities affecting applications t...
    • Oracle Java Update
      Oracle released the Java SE 7u40 today.  In addition to bug fixes and enhancements, the update includes the following: advanced monitoring ...
    • Adobe Reader Security Updates
      Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.03) and earlier versions for Windows and Macintosh. Adobe identif...
    • Advance Notice: Security Updates for Java SE
      The Sun Security Blog published the following update announcement: "On November 3, 2009, Sun will release the following security update...
    • Adobe Flash Player and Adobe Air Security Updates
      Adobe released updates to both Adobe Flash Player and Adobe AIR to correct a critical vulnerability in both products. From the Adobe Securi...
    • Waledac Botnet Takedown
      The Waledac botnet had the capability of sending 1.5 billion spam e-mails per day. During a three-week period in December, 2009, approximat...

    Categories

    • Adobe
    • Advisory
    • Amero
    • AntiVirus
    • Apple
    • Ask
    • AVG
    • Bing
    • Browser
    • Child Safety
    • email
    • ESET
    • Ethics
    • Facebook
    • Firefox
    • Firewall
    • FixIt
    • Fraud
    • General
    • Google
    • Hotmail
    • IE10
    • IE6
    • IE7
    • IE8
    • IE9
    • Java
    • Lavasoft
    • malware
    • Microsoft
    • Microsoft Apps
    • Mozilla
    • MVP
    • NCSAM
    • Office
    • Office 2007
    • Office 2010
    • Opera
    • Outlook.com
    • Phishing
    • Privacy
    • safety
    • Search
    • Security
    • Service Pack
    • SkyDrive
    • Skype
    • Software
    • SP1
    • sp2
    • SP3
    • Spotlight
    • Sumatra
    • tutorial
    • UAC
    • Updates
    • Vulnerabilities
    • Windows
    • Windows 7
    • Windows 8
    • Windows Live
    • Windows Live OneCare
    • Windows Vista
    • Windows XP
    • WinPatrol

    Blog Archive

    • ▼  2013 (93)
      • ►  October (2)
      • ►  September (8)
      • ►  August (9)
      • ►  July (5)
      • ►  June (8)
      • ►  May (7)
      • ►  April (15)
      • ►  March (9)
      • ▼  February (16)
        • Critical Security Update for Adobe Flash Player
        • IE10 for Windows 7 Released
        • Moving to SkyDrive
        • Happy 1st Anniversary, Sysnative.com!
        • Adobe Reader and Acrobat Critical Security Update
        • Critical Oracle Java Security Update
        • Mozilla Firefox 19.0 Released with Built-in PDF Vi...
        • Replacing Adobe Reader with Sumatra PDF
        • Critical Security Advisory for Adobe Reader and Ac...
        • Another Critical Adobe Update, Includes Flash Play...
        • Microsoft Security Bulletin Release for February 2013
        • Critical Adobe Flash Player Security Update
        • Security Bulletin Advance Notice for February 2013
        • Mozilla Firefox 18.0.2 Release Includes Massive Bu...
        • Safer Internet Day, Connect With Respect #SID2013
        • Accelerated Java Critical Update
      • ►  January (14)
    • ►  2012 (98)
      • ►  December (7)
      • ►  November (6)
      • ►  October (11)
      • ►  September (5)
      • ►  August (10)
      • ►  July (8)
      • ►  June (12)
      • ►  May (7)
      • ►  April (12)
      • ►  March (6)
      • ►  February (6)
      • ►  January (8)
    • ►  2011 (130)
      • ►  December (8)
      • ►  November (10)
      • ►  October (7)
      • ►  September (12)
      • ►  August (9)
      • ►  July (6)
      • ►  June (13)
      • ►  May (14)
      • ►  April (13)
      • ►  March (15)
      • ►  February (10)
      • ►  January (13)
    • ►  2010 (146)
      • ►  December (10)
      • ►  November (15)
      • ►  October (19)
      • ►  September (15)
      • ►  August (14)
      • ►  July (8)
      • ►  June (19)
      • ►  May (5)
      • ►  April (11)
      • ►  March (6)
      • ►  February (14)
      • ►  January (10)
    • ►  2009 (33)
      • ►  December (11)
      • ►  November (11)
      • ►  October (11)
    Powered by Blogger.

    About Me

    Unknown
    View my complete profile