Adobe tells Windows and Mac users to install critical security updates for Flash and AIR

Filed Under: Adobe Flash, Android, Featured, iOS, Linux, Malware, OS X, Vulnerability, Web Browsers, Windows

Adobe patches Flash and AIRIt wasn't just Microsoft that pushed out critical security updates yesterday. Adobe also issued critical security updates for its Flash Player and AIR products, impacting many Windows and Mac users.

In fact, computer users should be getting used to security updates for Adobe Flash by now - after all, this is the fourth in as many weeks.

The latest Flash Player update from Adobe fixes four security vulnerabilities.

Although the security holes could, potentially, be exploited by a malicious hacker to hijack computers evidence hasn't yet been seen that these vulnerabilities are being exploited in real-world attacks.

However, because of the growing prevalence of Flash-based malware attacks, the advice from SophosLabs is to apply these security patches as soon as possible.

In addition, a security update for Adobe AIR has also been made available - you can download that from the AIR download webpage and Adobe's AIR SDK webpage.

It can be tricky keeping up-to-date with the latest version numbers of Adobe products, so here's a handy chart showing you (at the time of writing!) the latest versions of Flash and AIR, to help you confirm that your systems are updated:

Product Updated version Platform
Adobe Flash Player 11.6.602.180 Windows
  11.6.602.180 Macintosh Linux Android 4.x Android 3.x and 2.x
Adobe AIR Windows, Macintosh,
Android and SDK & Compiler (includes AIR for iOS)

You can tell whether yoru computer has Flash installed, and which version you are running, by visiting a page on the Adobe website.

Users of Google Chrome and Internet Explorer 10 should find that Adobe Flash is automatically updated.

, , , ,

You might like

6 Responses to Adobe tells Windows and Mac users to install critical security updates for Flash and AIR

  1. MikeP_UK · 937 days ago

    Apart from reading Naked Security daily, I use Secunia PSI 2.0 (not version 3) to check my key software is an up-to-date version. It's free so easy to use and helps stay secure.
    (I do not work for any software vendor now, used to work for Zuken Ltd who are an EDA vendor.)

  2. Kasun · 937 days ago

    I think Mozilla is doing the thing right. Seems to better to go with HTML5 than biggy-buggy flash.

  3. gmd · 937 days ago

    Apple have all but killed Flash 1) by taking it off mobiles and 2) not adapting OSML to run efficiently with it. For those complaining about dreadfully slow app launching in OS ML it is often flash that causes it and the official position is don't run flash:-(
    Also, the flash updates are annoying because they take place outside the approved envelope of the App store and require quitting and restarting applications and the computer

  4. Mick · 937 days ago

    Well I am running win7 x64 with Firefox 19.0.2 and there is no download button on adobe site to download the update. FireFox does say 'hey there's a new update'.

    There is a thread open in the install/downloads section asking about that particular issue, but there hasn't been an answer to it since 8am.

    So...if you have that issue then you can find the archived release/debug installs here to download from:

    I suppose it has oft been said, someone really needs to sit adobe fl(tr)ash developers down and teach them about unit testing and debugging.

    Maybe use some validation tools so we don't have to continually upgrade because of 'feature' code.

  5. Seven · 936 days ago

    There is no download button when I visit adobe's download page & my player is not updating automatically. I fear that my laptop's processor no longer meets the minimum requirements, now 2.33GHz (mine 2.17GHz).

    What are the risks of keeping older version and what are the alternatives to stay secure and play flash video?

  6. Gil Favor · 936 days ago

    Wow...Adobe's Flash Player update page will not display the download button in any browser that uses the Ghostery or DoNotTrackPlus tracking blocker least on OS X 10.6.8. WTF? You can't download the update unless you let them track you?

    Fine. I have a separate browser (Camino) whose history cache I keep empty, and from which I immediately remove all cookies after I visit a site. They won't be able to track much of anything.

    Adobe used to be a decent company, but that was a long time ago. Their more recent behavior calls to mind the words of Obi-Wan Kenobi in commenting on the Mos Eisley spaceport: "You will never find a more wretched hive of scum and villainy." Perhaps Adobe hasn't gotten quite that bad yet, but they're working on it.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley