New Security Updates Released For Adobe Flash Player

A day after Microsoft released a Fix It tool to address the attacks targeting vulnerability in Internet Explorer, Adobe systems has also issued critical security updates to fix the vulnerabilities in Adobe Flash Player, including a vulnerability that is under attack.

These security updates rectify three bugs: stack overflow vulnerability (CVE-2014-0498) that could allow arbitrary code execution; Flash zero-day vulnerability (CVE-2014-0502) that was actively exploited in the wild and a memory leak flaw (CVE-2014-0499) that could be used to defeat the unplanned memory address layout. This is the second security update for Adobe Flash Player software on both Mac and Windows.

According to Adobe, the bugs affect the Adobe Flash Player 11.2.202.336 and 12.0.0.44 along with affecting the earlier versions for Linux, Windows and Macintosh. Adobe has urged all its users to update their products to the latest Flash version. Also, a site is being maintained so that the users can check the version of the Flash installed, and to help the users download the up-to-date Flash software from the Adobe's website itself.