Flash Player may not be the most secure technology on the planet, but Adobe has shown that they can be punctual when it comes to releasing security patches for the vulnerabilities in their product.
On May 10, Adobe revealed that they had discovered CVE-2016-4117, a new vulnerability in Flash Player 18.104.22.168 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. The vulnerability can crash computers and expose them to hacking attacks, and Adobe promised that they would provide a security patch to fix this issue.
Fortunately, they have pushed through with their promise by releasing Adobe Flash Player security updates with the vulnerability identifier APSB16-1 on May 12. These updates won’t only correct the CVE-2016-4117 vulnerability but will also fix other vulnerabilities such as CVE-2016-1096, CVE-2016-1102, and CVE-2016-4108.
The updates will work for Adobe Flash Player Desktop Runtime (version 22.214.171.124 and earlier), Adobe Flash Player Extended Support Release (version 126.96.36.1993 and earlier), Adobe Flash Player for Google Chrome (version 188.8.131.52 and earlier), Adobe Flash Player for Linux (version 184.108.40.2066 and earlier) and Adobe Flash Player for Microsoft Edge and Internet Explorer 11 (version 220.127.116.11 and earlier). It will also work for AIR Desktop Runtime (version 18.104.22.168 and earlier), AIR SDK (version 22.214.171.124 and earlier), and AIR SDK & Compiler (version 126.96.36.199 and earlier).
Users who are running Adobe Flash Player should check what version they are using to know if the new security patches are applicable to them. They can do this by going to the About Flash Player page or right-clicking on any content that runs on Flash Player and choosing “About Adobe Flash Player” or “About Macromedia Flash Player” from the menu that would appear. They need to repeat this process for every browser that they regularly use. Those who are using Adobe Air can follow the instructions on this page to know what version they’re using.
If users find out that they’re using versions of Adobe Flash Player and/or Adobe Air that are affected by vulnerabilities, they have to download the latest version of the product. They can do so by going to https://get.adobe.com/flashplayer for Adobe Flash Player or https://get.adobe.com/air/ for Adobe Air.
To ensure that they always get the latest security patches and maintain the security of their system, users are advised to select the option for “Allow Adobe to install updates”. Doing this allows them to receive updates automatically and removes the need for them to manually download and install the latest security patches.