Adobe unveils Flash Player security update

News
By published

Software vendor to plug security holes in media player with latest product update.

Software update

Software vendor Adobe has announced an update for its popular Flash Player.

The new version fixes a number of security holes, including critical vulnerabilities that could result in memory corruption, stack overflows, security bypasses, null dereferencing and DLL hijacking.

Most of the addressed flaws deal with problems that could help hackers execute code on a user's machine.

These updates address vulnerabilities that could cause a crash or allow an attacker to take control of an affected system.

It also includes enhancements to the security of the code on a variety of platforms.

For instance, the Windows version of Flash Player now sports a production version of Flash Player Protected Mode for Firefox. This sandboxes the code in the browser, making it more difficult for hackers to access other processes on a user's machine.

"These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system," said Adobe in an advisory.

Mac users get silent updating in the background. This runs a daemon on the machine every hour to check for updates on Adobe's servers. When updates are available, it downloads them once a response has been obtained.

This feature can be disabled in the Flash Player preferences menu.

Adobe has also signed the code on the Mac version in readiness for the Mac OS X release of Mountain Lion.

The next version of Apple's operating system will feature "GateKeeper". This is designed to protect users from malware while downloading applications on to their computers.

"Starting with Flash Player 11.3, Adobe has started signing releases for Mac OS X using an Apple Developer ID certificate," said Brad Arkin, Adobe's senior director of security, products and services, on a company blog.

When the Gatekeeper function is set to 'Mac App Store and identified developers,' end-users would "be able to install Flash Player without being blocked," added Arkin.

Flash Player on Windows and Macintosh will get updated to version 11.3.300.257, while Linux gets updated to 11.2.202.236. All previous versions should be treated as vulnerable to attack from criminals.

Rene Millman
Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.

Jensen Huang, co-founder and chief executive of Nvidia pictured on stage at Nvidia GTC 2025 holding two GPUs.

Nvidia GTC 2025: Four big announcements you need to know about
The words "How effective are AI agents?" set against a dark blue background bearing the silhouettes of flowchart rectangles and diamonds to represent the computation and decisions made by AI agents. The words "AI agents" are yellow, while the others are white. The ITPro Podcast logo is in the bottom right-hand corner.

How effective are AI agents?
An illustration showing a mouth with speech bubbles and question marks and a stylized robot alien representing an AI assistant chirping away with symbols and ticks, to represent user annoyance with AI assistants.

On-device AI assistants are meant to be helpful – why do I find them so annoying?
See more latest
Most Popular
Jensen Huang, co-founder and chief executive of Nvidia pictured on stage at Nvidia GTC 2025 holding two GPUs.
Nvidia GTC 2025: Four big announcements you need to know about
Businessman hand pointing finger to growth success finance business chart of metaverse technology financial graph investment diagram on analysis stock market background with digital economy exchange.
Global security spending continues to rise
Women in tech concept image showing female tech worker sitting at desk working on desktop computer.
Imposter syndrome is pushing women out of tech
Jensen Huang, co-founder and chief executive officer of Nvidia, pictured during a news conference at the Nvidia GPU Technology Conference (GTC) in San Jose, California, US.
‘This is the first event in history where a company CEO invites all of the guests to explain why he was wrong’: Jensen Huang changes his tune on quantum computing after January stock shock
ServiceNow signage pictured during the Singapore FinTech Festival in Singapore, on Wednesday, Nov. 15, 2023.
Old ServiceNow vulnerabilities could cause havoc for unpatched customers
Soft skills concept image showing informal staff meeting in an open plan office environment with workers having a discussion.
AI skills training can't be left in the hands of big tech
Oracle CloudWorld Tour sign pictured at the company event in London, UK.
AI agent announcements are a dime a dozen right now – here’s what Oracle thinks it’s doing differently
Close-up shot of data centers servers in red, black, and light blue colors.
Server sales are skyrocketing – and growth shows no sign of slowing down
SonicWall logo and branding pictured on a smartphone screen.
SonicWall pins ‘transformational year’ on strong partner growth
Antonio Neri, chief executive officer of Hewlett Packard Enterprise Co. (HPE), bottom left, and Jensen Huang, co-founder and chief executive officer of Nvidia Corp., during a keynote address at the HPE Discover event at the Sphere in Las Vegas, Nevada, US, on Tuesday, June 18, 2024.
HPE unveils Mod Pod AI ‘data center-in-a-box’ at Nvidia GTC