Adobe has released one critical security update for Adobe Flash Player (APSB16-37) and one security update for Adobe Connect (APSB16-35). The security updates for Adobe Flash Player resolve critical vulnerabilities that allow attackers to execute arbitrary code and take control of the affected systems. The security updates for the Adobe Connect resolves an input validation vulnerability that could lead to cross-site scripting attacks.
Here are the details of Critical Security Updates and Security Advisory :
APSB16-37 (Adobe Flash Player):
- Multiple type confusion vulnerabilities that could lead to code execution (CVE-2016-7860, CVE-2016-7861, CVE-2016-7865).
- Multiple use-after-free vulnerabilities that could lead to code execution (CVE-2016-7857, CVE-2016-7858, CVE-2016-7859, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864).
Affected Versions:
- Adobe Flash Player Desktop Runtime 23.0.0.205 and earlier versions on Windows and Macintosh.
- Adobe Flash Player for Google Chrome 23.0.0.205 and earlier versions on Windows, Macintosh, Linux and ChromeOS.
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11 23.0.0.205 and earlier versions on Windows 10 and 8.1
- Adobe Flash Player 11.2.202.643 and earlier versions on Linux.
APSB16-35 (Adobe Connect):
– An input validation vulnerability in the events registration module that could lead to cross-site scripting attacks (CVE-2016-7851).
Affected Versions:
- Adobe Connect 9.5.6 and earlier versions on Windows
SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.