boot13Adobe has issued a pre-notification of updates for Acrobat and Reader software that are expected to be made available on May 13.
The updates address critical security vulnerabilities in Reader and Acrobat.
Category Archives: Adobe
Adobe releases Flash 13.0.0.206
A new version of Flash, announced earlier today, addresses several security vulnerabilities, one of which (CVE-2014-0515) is being actively exploited on the Internet.
As with most Flash vulnerabilities, Adobe says that the ones addressed in this update “could potentially allow an attacker to take control of the affected system.”
The security bulletin associated with this update provides additional details regarding the security fixes.
Google Chrome will auto-update with the new version of embedded Flash, and Internet Explorer on Windows 8.x will receive Flash updates via Windows Update.
Anyone using Flash in a web browser should install the new version of Flash as soon as possible.
Flash Player 13 released
Yesterday, Adobe announced a new version of Flash, 13.0.0.182. The new version includes fixes for several security vulnerabilities (including one of the two found at Pwn2Own), as well as numerous other bug fixes and enhancements. There are also some new features, but these are mostly of interest to developers. The official release notes page has all the details.
As usual, the integrated versions of Flash in Internet Explorer 10 and 11 will be updated via Windows Update, and Chrome’s integrated Flash will be updated automatically by the browser itself.
Flash vulnerabilities found at Pwn2Own
The recent Pwn2Own hacking competition revealed vulnerabilities in a variety of software products, including Chrome, Firefox, Internet Explorer, and Flash.
While patches for Firefox and Chrome were released soon after the results of the contest were published, the vulnerabilities in Flash remain unpatched. They are identified as CVE-2014-0506 and CVE-2014-0510. Severity is ranked as high for both vulnerabilities. No exploits for these vulnerabilities have yet been seen in the wild.
Update 2014Apr09: CVE-2014-0506 was fixed in Flash 13.0.0.182.
Flash 12.0.0.77 released
Adobe announced a new version of Flash yesterday. Version 12.0.0.77 fixes two security vulnerabilities flagged by Adobe as Important.
As usual, Google Chrome will update itself with the latest version of Flash, while Internet Explorer 10 and 11 on Windows 8 and 8.1 will receive the latest Flash updates via Windows Update.
You can check the version of Flash currently installed on your computer (or more accurately, in your browser), by visiting the About Adobe Flash page, and you can download the new version from the Player Download Center (warning: this page will install additional software by default; make sure to uncheck any optional software checkboxes).
No support for Flash on Windows XP after May 2014
Adobe will no longer test Flash on Windows XP after the next quarterly update. You can continue to use Flash on Windows XP after that, but it will become increasingly risky, especially if it’s enabled in your web browser. This is yet another nail in the coffin for Windows XP.
Emergency update for Flash
On February 20, Adobe announced a new version of Flash that addresses critical security vulnerabilities. Security bulletin apsb14-07 describes the vulnerabilities.
We strongly recommend upgrading to this new version of Flash (12.0.0.70) as soon as possible, especially if you have Flash enabled in a web browser and you use that web browser for web surfing.
As usual, Google Chrome will update itself to the latest version of Chrome, and Internet Explorer 10 and 11 will be updated to the latest Flash by way of Windows Update.
Critical security update for Flash
Yesterday Adobe released a new version of Flash (12.0.0.44) that addresses a critical security vulnerability. There is some evidence that the vulnerability is already being exploited in the wild, so everyone should update their browsers ASAP.
As usual, Internet Explorer 10 for Windows 8 and Internet Explorer 11 for Windows 8.1 will receive the new Flash version via Windows Update, and Chrome will update to the new Flash automatically.
Adobe Reader 11.0.06 released
A new version of Adobe’s Reader software was made available yesterday. Version 11.0.06 includes fixes for several security vulnerabilities. All the details are available in the new version’s release notes.
Flash version 12 released
Yesterday, Adobe announced new 12-series versions of the Flash player for various environments and browsers:
- Internet Explorer 10 on Windows 8 (via Windows Update): 12.0.0.38
- Internet Explorer 11 on Windows 8.1: 12.0.0.38
- Other versions of Internet Explorer: 12.0.0.38
- Google Chrome (self-updating): 12.0.0.41
- All other browsers on Windows: 12.0.0.43
You can get the new version from the main Flash download site.
Flash 12 includes some new features and enhancements, as well as fixes for several security vulnerabilities.