“Critical” Adobe Flash Player Vulnerabilities Found by Google’s Security Team
By on March 6th, 2012

Adobe has released an update to its Adobe Flash and Shockwave Player, as there were critical vulnerabilities found in both the products. The vulnerabilities were found by two Google’s security team members and reported the same to the Adobe.

According to the advisory from Adobe, Google’s Tavis Ormandy and Fermin J. Serna found the integer error and a memory corruption vulnerability, which could have been used by hackers to take advantage of it and completely control the computers that are affected by it.Adobe Flash Player

Adobe has rated these vulnerabilities as “critical,” and has fixed the bugs with an update for Windows, Mac, Linux and Solaris OS users. The update comes with the priority rating 2, and urges users to apply the update within the next 30 days.  According to the definition of “Priority 2″ given by Adobe, the update completely resolves the issues that caused the product to pose significant risk, and currently there no known exploits.

The two vulnerabilities found are -

CVE-2012-0768 is a memory corruption vulnerability that could lead to remote code execution by exploiting a flaw in Matrix3D.

CVE-2012-0769 is an information disclosure vulnerability as a result of integer errors in Flash Player.

Vulnerabilities are rated “critical” when the product poses a risk to the user’s computer, and if it is exploited, it would allow hackers to run malicious native-code to execute on the user’s system without the users being aware of.

The vulnerability is addressed to Adobe Player 11.1.102.62 and earlier versions for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 11.1.115.6 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.6 and earlier versions for Android 3.x and 2.x.

Adobe recommends users of Flash Player 11.1.102.62 and earlier versions to update to Flash Player 11.1.102.63, and users of Flash Player 11.1.115.6 and earlier versions on Android 4.x, should update to Flash Player 11.1.115.7. Android 3.x users are asked to update the Flash Player on their device to Flash Player 11.1.111.7.

Windows users can check the current version of the Adobe Flash Player installed on their system by right-clicking on any Flash content. The version details will be displayed at the bottom of the menu. Android users on the other hand can go to Settings > Applications > Manage Applications > Adobe Flash Player x.x to check the current running version.

Download the latest Adobe Flash Player 11.1.102.63 from here. Android users can download the latest version from the Android Marketplace from here.

Tags: ,
Author: Joel Fernandes Google Profile for Joel Fernandes
Joel Fernandes (G+) is a tech enthusiast and a social media blogger. During his leisure time, he enjoys taking photographs, and photography is one of his most loved hobbies. You can find some of his photos on Flickr. He does a little of web coding, and maintains a tech blog of his own - Techo Latte. Joel is currently pursuing his Masters in Computer Application from Bangalore, India. You can get in touch with him on Twitter - @joelfernandes, or visit his Facebook Profile for more information.

Joel Fernandes has written and can be contacted at joel@techie-buzz.com.
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN