Friday, June 8, 2012

Adobe Patches: Flash Player, Illustrator CS5, and Photoshop CS5 (12.0)

Today Adobe released updates to its ubiquitous Flash Player. The business versions of the patch haven't been posted to the download site yet so I haven't tested them. Home users who don't have a version of the Flash Player which updates itself should apply the patches as soon as they can since the auto-updating version fixes a number of known vulnerabilities. Adobe rates the Windows and Mac versions as Priority 2, saying "This update resolves vulnerabilities in a product that has historically been at elevated risk. There are currently no known exploits. Based on previous experience, we do not anticipate exploits are imminent. As a best practice, Adobe recommends administrators install the update soon (for instance, within 30 days)."  I will advise you when the business versions are available so you can distribute them without needing to update each machine on your network manually.

Almost a month ago (on Monday, May 14, 2012), I posted a notice that Adobe to patch Illustrator, Photoshop, and Flash Pro CS5.x for free, Well, they have patched Illustrator and Photoshop CS5.x now. Flash Pro is not patched yet. If you have either of these products, I recommend you apply the patches as the Bad Guys have had almost a month to reverse-engineer the fixes that went in to CS6.

Critical Security Fixes for Adobe Flash Player — Krebs on Security
Adobe has released a critical update to its Flash Player software that fixes at least seven security vulnerabilities in the program. The new version also extends sandboxing protection to Mac OS X users browsing the Web with Mozilla Firefox.

The update, Flash Player 11.3, plugs at least seven security holes in Flash Player and Adobe Air. The company warns that attackers could use these flaws to crash the applications and seize control over unpatched systems. Flash updates are available for Windows, Mac, Linux and Android systems. Adobe AIR patches are available for Windows, Mac and Android platforms. See the chart below for the latest, patched versions numbers for each platform.


Adobe - Security Bulletins: APSB12-14 - Security updates available for Adobe Flash Player
Adobe released security updates for Adobe Flash Player 11.2.202.235 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.8 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.9 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe - Security Bulletins: APSB12-09 - Security bulletin for Adobe Illustrator
Adobe released security updates for Adobe Illustrator CS5 (15.0.x) and Adobe Illustrator CS5.5 (15.1) for Windows and Macintosh. These updates address vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.
Adobe - Security Bulletins: APSB12-11 Security bulletin for Adobe Photoshop
Adobe released security updates for Adobe Photoshop CS5 (12.0) and Adobe Photoshop CS5.1 (12.1) for Windows and Macintosh. These updates address vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.

No comments: