“Critical” Adobe Flash Player Vulnerabilities Found by Google’s Security Team

Adobe has released an update to its Adobe Flash and Shockwave Player, as there were critical vulnerabilities found in both the products. The vulnerabilities were found by two Google’s security team members and reported the same to the Adobe.

According to the advisory from Adobe, Google’s Tavis Ormandy and Fermin J. Serna found the integer error and a memory corruption vulnerability, which could have been used by hackers to take advantage of it and completely control the computers that are affected by it.Adobe Flash Player

Adobe has rated these vulnerabilities as “critical,” and has fixed the bugs with an update for Windows, Mac, Linux and Solaris OS users. The update comes with the priority rating 2, and urges users to apply the update within the next 30 days.  According to the definition of “Priority 2” given by Adobe, the update completely resolves the issues that caused the product to pose significant risk, and currently there no known exploits.

The two vulnerabilities found are –

CVE-2012-0768 is a memory corruption vulnerability that could lead to remote code execution by exploiting a flaw in Matrix3D.

CVE-2012-0769 is an information disclosure vulnerability as a result of integer errors in Flash Player.

Vulnerabilities are rated “critical” when the product poses a risk to the user’s computer, and if it is exploited, it would allow hackers to run malicious native-code to execute on the user’s system without the users being aware of.

The vulnerability is addressed to Adobe Player and earlier versions for Windows, Macintosh, Linux and Solaris, Adobe Flash Player and earlier versions for Android 4.x, and Adobe Flash Player and earlier versions for Android 3.x and 2.x.

Adobe recommends users of Flash Player and earlier versions to update to Flash Player, and users of Flash Player and earlier versions on Android 4.x, should update to Flash Player Android 3.x users are asked to update the Flash Player on their device to Flash Player

Windows users can check the current version of the Adobe Flash Player installed on their system by right-clicking on any Flash content. The version details will be displayed at the bottom of the menu. Android users on the other hand can go to Settings > Applications > Manage Applications > Adobe Flash Player x.x to check the current running version.

Download the latest Adobe Flash Player from here. Android users can download the latest version from the Android Marketplace from here.

Published by

Joel Fernandes

Joel Fernandes (G+) is a tech enthusiast and a social media blogger. During his leisure time, he enjoys taking photographs, and photography is one of his most loved hobbies. You can find some of his photos on Flickr. He does a little of web coding, and maintains a tech blog of his own - Techo Latte. Joel is currently pursuing his Masters in Computer Application from Bangalore, India. You can get in touch with him on Twitter - @joelfernandes, or visit his Facebook Profile for more information.