Adobe Flash Player Patch Tuesday Repeat

Last week, you endured a busy Patch Tuesday, which included a pile of security updates from Microsoft and Adobe. Adobe’s patch day included big updates for Reader, ShockWare, and Flash. Unfortunately, Adobe wasn’t quite finished fixing the Flash Player vulnerabilities.

Just a week after Patch Day, Adobe has released yet another Flash Player update to fix six more critical vulnerabilities in the popular web multimedia player. The six new flaws differ technically, but mostly share the same scope and impact. In fact, they’re generally the same type of memory corruption flaws as Adobe fixed last week — just more of them. In any case, if an attacker can lure you to a web site, or get you to open a document containing specially crafted Flash content, he could exploit these flaws to execute code on your computer, with your privileges. If you have administrative or root privileges, the attacker could gain full control of your computer.

These six new Flash Player flaws affect all platforms, including Windows, Macintosh, Linux, and Android. So if you are running Flash Player on any platform, make sure to install this week’s Flash update, even if you already applied the patch from last week. You can find the proper update in the “Solutions” section of Adobe’s Flash Bulletin.

As an aside, if you are waiting for today’s WatchGuard Security Week in Review Episode, it’s coming, but won’t show up until later this afternoon. I wasn’t able to shoot and produce the video when I normally do, due to work travel. So I will have to post it late in the day. If you’re gone before it goes up today, be sure to check it out Monday. — Corey Nachreiner, CISSP (@SecAdept)

About Corey Nachreiner

Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.

Trackbacks/Pingbacks

  1. WatchGuard Security Week in Review: Episode 30 | WatchGuard Security Center - August 24, 2012

    [...] Adobe releases a second Flash update within a week- WatchGuard Security Center [...]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 7,662 other followers

%d bloggers like this: