Adobe eliminates critical vulnerabilities in AIR
The AIR update also contains an update for the Flash Player components, for versions 9 and 10 of which bugfixes recently appeared (Bugfixes). With this move, Adobe has now belatedly supplied information about other, hitherto unknown security vulnerabilities that are eliminated by this update. Although Adobe gives no details, these vulnerabilities in Flash Player are alleged to have been remotely exploitable to infect a computer with malicious code. The report says all this required was visiting a web site or opening an email.
For that reason, Adobe is classifying the AIR update as critical. Users should not hesitate to install the new version.
- AIR update available to address security vulnerabilities, security advisory from Adobe
- Additional disclosure of security vulnerabilities fixed in Flash Player 10.0.12.36 and Flash Player 18.104.22.168, security advisory from Adobe