Adobe updates - 2017.03.14
FYI...
Flash 25.0.0.127 released
- https://helpx.adobe.com/security/products/flash-player/apsb17-07.html
Mar 14, 2017
CVE number: CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000, CVE-2017-3001, CVE-2017-3002, CVE-2017-3003
Platform: Windows, Macintosh, Linux and Chrome OS
Summary: Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system...
Solution: ... Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows, Macintosh and Linux update to Adobe Flash Player 25.0.0.127 via the update mechanism within the product [1] or by visiting the Adobe Flash Player Download Center: https://get.adobe.com/flashplayer/
- Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 25.0.0.127 for Windows, Macintosh, Linux and Chrome OS.
- Adobe Flash Player installed with Microsoft Edge and Internet Explorer 11 for Windows 10 and 8.1 will be automatically updated to the latest version, which will include Adobe Flash Player 25.0.0.127.
Please visit the Flash Player Help page for assistance in installing Flash Player:
> https://helpx.adobe.com/flash-player.html
[1] Users who have selected the option to 'Allow Adobe to install updates' will receive the update automatically. Users who do not have the 'Allow Adobe to install updates' option enabled can install the update via the update mechanism within the product when prompted...
For I/E - some versions get 'Automatic' updates:
- https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ax.exe
For Firefox and other Plugin-based browsers:
- https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player.exe
For Chrome:
- https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ppapi.exe
Flash test site: https://www.adobe.com/software/flash/about/
- http://www.securitytracker.com/id/1037994
CVE Reference: CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000, CVE-2017-3001, CVE-2017-3002, CVE-2017-3003
Mar 14 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 24.0.0.221 and prior ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (25.0.0.127)...
___
Shockwave Player 12.2.8.198 released
- https://helpx.adobe.com/security/products/shockwave/apsb17-08.html
Mar 14, 2017
CVE number: CVE-2017-2983
Platform: Windows
Summary: Adobe has released a security update for Adobe Shockwave Player for Windows. This update addresses an?important vulnerability that could potentially lead to escalation of privilege...
Solution: ... Adobe recommends users of Adobe Shockwave Player 12.2.7.197 and earlier versions for Windows update to Adobe Shockwave Player 12.2.8.198 by visiting the Adobe Shockwave Player Download Center:
- https://get.adobe.com/shockwave/
- http://www.securitytracker.com/id/1037993
CVE Reference: CVE-2017-2983
Mar 14 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 12.2.7.197 and prior ...
Impact: A local user can obtain elevated privileges on the target system.
Solution: The vendor has issued a fix (12.2.8.198)...
:fear::fear:
FYI...
Flash 25.0.0.127 released
- https://helpx.adobe.com/security/products/flash-player/apsb17-07.html
Mar 14, 2017
CVE number: CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000, CVE-2017-3001, CVE-2017-3002, CVE-2017-3003
Platform: Windows, Macintosh, Linux and Chrome OS
Summary: Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system...
Solution: ... Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows, Macintosh and Linux update to Adobe Flash Player 25.0.0.127 via the update mechanism within the product [1] or by visiting the Adobe Flash Player Download Center: https://get.adobe.com/flashplayer/
- Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 25.0.0.127 for Windows, Macintosh, Linux and Chrome OS.
- Adobe Flash Player installed with Microsoft Edge and Internet Explorer 11 for Windows 10 and 8.1 will be automatically updated to the latest version, which will include Adobe Flash Player 25.0.0.127.
Please visit the Flash Player Help page for assistance in installing Flash Player:
> https://helpx.adobe.com/flash-player.html
[1] Users who have selected the option to 'Allow Adobe to install updates' will receive the update automatically. Users who do not have the 'Allow Adobe to install updates' option enabled can install the update via the update mechanism within the product when prompted...
For I/E - some versions get 'Automatic' updates:
- https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ax.exe
For Firefox and other Plugin-based browsers:
- https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player.exe
For Chrome:
- https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ppapi.exe
Flash test site: https://www.adobe.com/software/flash/about/
- http://www.securitytracker.com/id/1037994
CVE Reference: CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000, CVE-2017-3001, CVE-2017-3002, CVE-2017-3003
Mar 14 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 24.0.0.221 and prior ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (25.0.0.127)...
___
Shockwave Player 12.2.8.198 released
- https://helpx.adobe.com/security/products/shockwave/apsb17-08.html
Mar 14, 2017
CVE number: CVE-2017-2983
Platform: Windows
Summary: Adobe has released a security update for Adobe Shockwave Player for Windows. This update addresses an?important vulnerability that could potentially lead to escalation of privilege...
Solution: ... Adobe recommends users of Adobe Shockwave Player 12.2.7.197 and earlier versions for Windows update to Adobe Shockwave Player 12.2.8.198 by visiting the Adobe Shockwave Player Download Center:
- https://get.adobe.com/shockwave/
- http://www.securitytracker.com/id/1037993
CVE Reference: CVE-2017-2983
Mar 14 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 12.2.7.197 and prior ...
Impact: A local user can obtain elevated privileges on the target system.
Solution: The vendor has issued a fix (12.2.8.198)...
:fear::fear:
Last edited: