Adobe tells Windows and Mac users to install critical security updates for Flash and AIR

by Graham Cluley on March 13, 2013 | 6 Comments

Filed Under: Adobe Flash, Android, Featured, iOS, Linux, Malware, OS X, Vulnerability, Web Browsers, Windows

Adobe patches Flash and AIRIt wasn't just Microsoft that pushed out critical security updates yesterday. Adobe also issued critical security updates for its Flash Player and AIR products, impacting many Windows and Mac users.

In fact, computer users should be getting used to security updates for Adobe Flash by now - after all, this is the fourth in as many weeks.

The latest Flash Player update from Adobe fixes four security vulnerabilities.

Although the security holes could, potentially, be exploited by a malicious hacker to hijack computers evidence hasn't yet been seen that these vulnerabilities are being exploited in real-world attacks.

However, because of the growing prevalence of Flash-based malware attacks, the advice from SophosLabs is to apply these security patches as soon as possible.

In addition, a security update for Adobe AIR has also been made available - you can download that from the AIR download webpage and Adobe's AIR SDK webpage.

It can be tricky keeping up-to-date with the latest version numbers of Adobe products, so here's a handy chart showing you (at the time of writing!) the latest versions of Flash and AIR, to help you confirm that your systems are updated:

Product Updated version Platform
Adobe Flash Player 11.6.602.180 Windows
  11.6.602.180 Macintosh
  11.2.202.275 Linux
  11.1.115.48 Android 4.x
  11.1.111.44 Android 3.x and 2.x
Adobe AIR 3.6.0.6090 Windows, Macintosh,
Android and SDK & Compiler (includes AIR for iOS)

You can tell whether yoru computer has Flash installed, and which version you are running, by visiting a page on the Adobe website.

Users of Google Chrome and Internet Explorer 10 should find that Adobe Flash is automatically updated.

Tags: , , , ,

6 Responses to Adobe tells Windows and Mac users to install critical security updates for Flash and AIR

  1. MikeP_UK says:
    March 13, 2013 at 2:20 pm

    Apart from reading Naked Security daily, I use Secunia PSI 2.0 (not version 3) to check my key software is an up-to-date version. It's free so easy to use and helps stay secure.
    (I do not work for any software vendor now, used to work for Zuken Ltd who are an EDA vendor.)

    Reply Report comment
  2. Kasun says:
    March 13, 2013 at 4:20 pm

    I think Mozilla is doing the thing right. Seems to better to go with HTML5 than biggy-buggy flash.

    Reply Report comment
  3. gmd says:
    March 13, 2013 at 5:14 pm

    Apple have all but killed Flash 1) by taking it off mobiles and 2) not adapting OSML to run efficiently with it. For those complaining about dreadfully slow app launching in OS ML it is often flash that causes it and the official position is don't run flash:-(
    Also, the flash updates are annoying because they take place outside the approved envelope of the App store and require quitting and restarting applications and the computer

    Reply Report comment
  4. Mick says:
    March 13, 2013 at 8:26 pm

    Well I am running win7 x64 with Firefox 19.0.2 and there is no download button on adobe site to download the update. FireFox does say 'hey there's a new update'.

    There is a thread open in the install/downloads section asking about that particular issue, but there hasn't been an answer to it since 8am.

    So...if you have that issue then you can find the archived release/debug installs here to download from:
    http://helpx.adobe.com/flash-player/kb/archived-f...

    I suppose it has oft been said, someone really needs to sit adobe fl(tr)ash developers down and teach them about unit testing and debugging.

    Maybe use some validation tools so we don't have to continually upgrade because of 'feature' code.

    Reply Report comment
  5. Seven says:
    March 14, 2013 at 1:13 pm

    There is no download button when I visit adobe's download page & my player is not updating automatically. I fear that my laptop's processor no longer meets the minimum requirements, now 2.33GHz (mine 2.17GHz).

    What are the risks of keeping older version and what are the alternatives to stay secure and play flash video?

    Reply Report comment
  6. Gil Favor says:
    March 14, 2013 at 4:33 pm

    Wow...Adobe's Flash Player update page will not display the download button in any browser that uses the Ghostery or DoNotTrackPlus tracking blocker plugins...at least on OS X 10.6.8. WTF? You can't download the update unless you let them track you?

    Fine. I have a separate browser (Camino) whose history cache I keep empty, and from which I immediately remove all cookies after I visit a site. They won't be able to track much of anything.

    Adobe used to be a decent company, but that was a long time ago. Their more recent behavior calls to mind the words of Obi-Wan Kenobi in commenting on the Mos Eisley spaceport: "You will never find a more wretched hive of scum and villainy." Perhaps Adobe hasn't gotten quite that bad yet, but they're working on it.

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.