Yesterday, Adobe released its latest security updates for Adobe Flash Player. They are available for users that make use of Windows, Macintosh and Linux. Updating current Flash Player software is highly recommended as a critical vulnerability is already exploited in the wild via limited, targeted attacks.
The most recent targets are systems running Internet Explorer for Windows 7 and below and Firefox on Windows XP, so the users who are running them should update their Adobe versions as soon as possible.
CVE-2015-3113 Main Point
This vulnerability possibly could give access to the attacker to take control of the affected system. Its main point is to lead to the execution of the arbitrary code so the attacker could take possession of the affected system.
CVE-2015-3113 can be used for direction to malware via drive-by download attacks. It is not clear if this vulnerability is released to influence regular users, or its primary goal is causing more complex attacks.
→According to Adobe Security Bulletin affected software versions are:
- Adobe Flash Player 18.104.22.168 and earlier versions for Windows and Macintosh
- Adobe Flash Player Extended Support Release version 22.214.171.1242 and earlier 13.x versions for Windows and Macintosh
- Adobe Flash Player 126.96.36.1996 and earlier 11.x versions for Linux
Are Updates Automatic?
It mainly depends on the operating system, browser and version of the Adobe Flash Player installed. Adobe Player installed with Google Chrome will be automatically updated to the latest Adobe Flash Player version, which is 188.8.131.52. Adobe Player installed with Internet Explorer for Windows 8.x will also be automatically updated to the latest Adobe Flash Player version, which is 184.108.40.206.
If you don’t pertain to these two categories, then you should update your Adobe Player manually following these two steps:
First: You have to verify the version of Adobe Flash Player installed on your system through About Flash Player page.
Second: Knowing the exact version of your Adobe Flash Player you could find the required update that will guarantee your safety and install it.