Adobe patches Flash, Reader and more
Adobe's official patch day sees the release of updates for its Flash and Shockwave Players, Reader, Acrobat, ColdFusion, LiveCycle Data Services and BlazeDS. All of the updates primarily fix security vulnerabilities which can be remotely exploited by attackers to compromise systems or to crash software.
Adobe has fixed a critical vulnerability in Flash Player for Windows, Mac, Linux, Solaris and Android. The bug is fixed in version 10.3.181.26 for desktop systems; an update for Android is due shortly. In contrast to many Flash vulnerabilities, this time Reader and Acrobat are not affected.
Not that they don't have enough problems of their own – Adobe has fixed 13 vulnerabilities in versions 8.x, 9.x and 10.x for Windows and Mac. The version number of Adobe Reader and Acrobat versions with a sandbox has been incremented to 10.1. The new version will be distributed and installed automatically via the automatic update function, as will the Flash update.
Version 22.214.171.1246 of Adobe's Shockwave Player fixes 24 security-related bugs. There are also updates for LiveCycle Data Services and BlazeDS which fix two vulnerabilities. A hotfix for ColdFusion 9.0.1, 9.0, 8.0.1 and 8.0 for Windows, Mac and Linux takes care of two vulnerabilities.
Adobe's Flash Player update has already seen Google update the stable and beta versions of the Chrome browser which bundles Flash.