Adobe announced a new patch collection update that amends a total of 37 vulnerabilities in their products, including 29 issues found in Flash Player.
29 Security Issues in Flash Player Are Now Resolved
Adobe has released its newest security patch collection that amends the known and unfixed security issues so far. The software updates for Flash Player were released yesterday. The fixed versions are the builds for the Microsoft Windows, Mac OS X, Gnu/Linux and the Chrome OS operating systems. They address critical vulnerabilities that could allow malicious users to gain access to the affected systems. Some of the amended problems include the following:
- Adobe patched the critical issue that allowed remote code execution due to an integer overflow vulnerability.
- The security staff has also patched several vulnerabilities that resolve use-after-free approaches that have lead to malicious code executions.
- Issues that lead to information disclosure have also been amended.
- The updates fix memory corruption problems that lead to arbitrary code execution.
The issued patches resolve problems that have been reported by independent researchers and employees of Tencent, Microsoft, Google, Qihoo 360, NCC Group and Palo Alto Networks. Their contribution has been acknowledged by the company.
Adobe has also updated some of its other products with the latest security patch release.
The Digital Editions ebook player has been updated. Its Microsoft Windows, Mac OS X, iOS and Android versions have been patched to fix seven vulnerabilities that allow attackers to execute arbitrary code. Other problems that have been fixed include several memory corruption bugs.
A separate advisory was published by Adobe on Tuesday that describes the security improvements in the AIR SDK and its compiler. The latest version (23.0.0.257) adds support for the secure transfer of analytics for the AIR applications on Android.
So far there are no known exploits that have been used against the newer versions of the products.