In association with heise online

11 November 2011, 15:08

Adobe closes 12 critical holes in Flash

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Flash logo

Adobe has closed twelve critical holes in all supported versions of Flash Player up to and including version The memory corruption vulnerabilities allowed attackers to inject malicious code on computers; visiting a specially crafted web page is all that is required to become a victim. When Internet Explorer is used, attackers can exploit a further hole to bypass the cross-domain policy.

It is recommended that all users should update to the latest version of Flash immediately to protect their systems. Users can check which version of Flash they are running in their browser by visiting the Adobe Flash Player page. Flash Player for Android is also affected – the most recent vulnerable version is; the update to version can be installed via the Android Market.

Version 3.0 of the AIR application platform (including Adobe AIR for Android) is also vulnerable. Updating to version fixes the issues and improves overall performance.

A recent Stable channel update of Google Chrome to version 15 already includes the current Flash Player release and addresses other vulnerabilities in the WebKit-based web browser.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit