Adobe has released a set of updates for its products
Adobe has updated its products to Flash Player [ APSB15-09 ] and Reader, Acrobat [ APSB15-10 ]. Many vulnerabilities such as Remote Code Execution were closed for them, which could be used by attackers to remotely execute code through a browser using malicious Flash (swf) content. 18 vulnerabilities were closed for Flash Player, and for Reader and Acrobat 34.
In the case of Reader and Acrobat the situation is the same, a large number of RCE vulnerabilities have been fixed ( HeapOv & Use-After-Free) that can be used by attackers to remotely execute code through a vulnerable version of products using a malicious PDF file. Several fixed vulnerabilities relate to security bypass methods when invoking the Javascript API. Current product versions are listed in the table below.
We recommend updating your Flash Player. Browsers such as Internet Explorer 10 & 11 on Windows 8 / 8.1 and Google Chrome update their versions of Flash Player automatically. For IE, see the updated Security Advisory 2755801 . Check your version of Flash Player for relevance here , the table below shows these versions for various browsers.
be secure.
In the case of Reader and Acrobat the situation is the same, a large number of RCE vulnerabilities have been fixed ( HeapOv & Use-After-Free) that can be used by attackers to remotely execute code through a vulnerable version of products using a malicious PDF file. Several fixed vulnerabilities relate to security bypass methods when invoking the Javascript API. Current product versions are listed in the table below.
We recommend updating your Flash Player. Browsers such as Internet Explorer 10 & 11 on Windows 8 / 8.1 and Google Chrome update their versions of Flash Player automatically. For IE, see the updated Security Advisory 2755801 . Check your version of Flash Player for relevance here , the table below shows these versions for various browsers.
be secure.