Adobe Flash Player 18.104.22.168 patches more zero-day vulnerabilities
Adobe has released a new version of its Flash Player, which patches the security vulnerabilities which were recently found.
The zero-day vulnerabilities caused an attack on a security firm, which resulted in the theft of approximately 400GB of data and documents.
Adobe has been under flak from several users, and services for the number of flaws found in Flash. Mozilla and Facebook are also raising their pitchforks, with the former blocking Flash by default on its browser Firefox, while the latter’s head of security has called for the death of Flash.
Surprisingly, or should I say shockingly, one renowned company has conveniently forgotten to update Flash player for its browser. It is a company based in Redmond, and called Microsoft.
Yes, it is true, Microsoft has not updated Flash player for Internet Explorer 11, as well as in its new browser, Microsoft Edge. The browser is using Adobe Flash Player 22.214.171.124, which is a very old version and is considered extremely vulnerable. This puts millions of users and their data at risk.
Google, on the other hand, has promptly patched Chrome’s built-in Flash player. Normally Google updates the browser after Adobe releases an update for Flash Player, but the Mountain View company beats Adobe to update Chrome before Adobe outed a new version of the plugin.
While Microsoft Internet Explorer, and Edge browsers, can be patched through Windows Update, which updates the Flash plugin, Google Chrome does not get plugin updates. Instead the browser itself has to be updated entirely, to patch the plugin.
Adobe Flash Player 126.96.36.199:
Actually, this is not the first update for Flash Player in the past week. Adobe had released Flash Player 188.8.131.52 to fix a couple of critical vulnerabilities a few days ago, which affected earlier versions of Flash for Windows, Macintosh and Linux platforms. The version reportedly fixed some bugs, which could have been potentially exploited to cause a crash and potentially allow an attacker to take control of the affected system.
Ironically, Flash Player 184.108.40.206 was itself found to be insecure, and two more zero day vulnerabilities were found by security experts.
Computer World reports that today’s update, Adobe Flash Player 220.127.116.11, however should fix all security issues. Google Chrome 43.0.2357.134 for Windows, OS X and Linux has patched the vulnerable version of Flash player. Chrome users need not do anything, as the browser installs updates automatically.
Apple Safari and Mozilla Firefox users, however, should head to Adobe’s website to download the latest version of Flash and install it manually.