As most of you already know, Adobe will stop supporting its Flash Player in 2020, but until then the company will still try to keep the application as clean as possible. The new update that the developers have released for Adobe Flash Player is fixing two vulnerabilities.
We remind you that Adobe usually releases more than 50 fixes for vulnerabilities per update, which is a bit strange to see only two fixes being released in the latest update. It seems that both security vulnerabilities that the company has fixed could be exploited for remote code execution.
In other words, it is very important to update your Adobe Flash Player as soon as possible to make sure that the hackers don’t gain access to your computer. The two vulnerabilities are tracked as CVE-2017-11282 and CVE-2017-11281 and are rated as critical. They were discovered by Natalie Silvanovich and Mateusz Jurczyk, two members of Google Project Zero.
The security flaws that have been fixed today were caused by memory corruption issues. Adobe claims that there is no evidence that these security issues have been exploited by the hackers, which means that the “bad” guys have not managed to exploit them before they’ve got patched.
The new Adobe Flash Player update has been released for Chrome OS, Linux, Macintosh and Windows.
In addition, the company has also released patches for vulnerabilities in RoboHelp for Windows, which is its help authoring tool. One of the issues could be exploited for cross-site scripting (XSS) attacks, while the other was allowing an “URL redirect” that hackers could use for phishing attacks. These two other issues have been reported by Reynold Regan of the Center for Technology & Innovation.
Are you still using Adobe Flash Player on your computer? Tell us your thoughts about this application!