Software vendor Adobe has announced an update for its popular Flash Player.
The new version fixes a number of security holes, including critical vulnerabilities that could result in memory corruption, stack overflows, security bypasses, null dereferencing and DLL hijacking.
Most of the addressed flaws deal with problems that could help hackers execute code on a user's machine.
These updates address vulnerabilities that could cause a crash or allow an attacker to take control of an affected system.
It also includes enhancements to the security of the code on a variety of platforms.
For instance, the Windows version of Flash Player now sports a production version of Flash Player Protected Mode for Firefox. This sandboxes the code in the browser, making it more difficult for hackers to access other processes on a user's machine.
"These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system," said Adobe in an advisory.
Mac users get silent updating in the background. This runs a daemon on the machine every hour to check for updates on Adobe's servers. When updates are available, it downloads them once a response has been obtained.
This feature can be disabled in the Flash Player preferences menu.
Adobe has also signed the code on the Mac version in readiness for the Mac OS X release of Mountain Lion.
The next version of Apple's operating system will feature "GateKeeper". This is designed to protect users from malware while downloading applications on to their computers.
"Starting with Flash Player 11.3, Adobe has started signing releases for Mac OS X using an Apple Developer ID certificate," said Brad Arkin, Adobe's senior director of security, products and services, on a company blog.
When the Gatekeeper function is set to 'Mac App Store and identified developers,' end-users would "be able to install Flash Player without being blocked," added Arkin.
Flash Player on Windows and Macintosh will get updated to version 11.3.300.257, while Linux gets updated to 11.2.202.236. All previous versions should be treated as vulnerable to attack from criminals.
-
M&S suspends online sales as 'cyber incident' continuesNews Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
-
Manners cost nothing, unless you’re using ChatGPTOpinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
-
Warning issued over “incomplete” fix for Adobe ColdFusion vulnerabilityNews An incomplete fix for a vulnerability disclosure could be placing users at risk, researchers warned
-
Adobe forced to patch its own failed security updateNews Company issues new fix for e-commerce vulnerability after researchers bypass the original update
-
Ask more from your CMSWhitepaper How to get the most value in the shortest timespan
-
Adobe battles fake photos with editing tagsNews Photoshop will include new tagging tools later this year to help fight against misinformation and deep fakes
-
Adobe Photoshop Elements 2019 review: Trapped in the photo-editing middle groundReviews A once peerless beginner’s photo-editing package that’s past its prime
-
How Adobe saved BT £630,000Sponsored Adobe’s digital signature platform is saving time and money - and forging stronger connections between businesses and customers
-
Don't settle when it comes to creativitySponsored Getting the best out of your creative design team means equipping them with the best software
-
The benefits of a subscription serviceSponsored Why software vendors are increasingly moving to a subscription model
