Two weeks ago, Adobe released a security patch for users of its Flash Player that addressed a security issue labeled as “critical.” This particular issue was a zero-day vulnerability that Google’s security team informed them of. While that particular issue also involved Microsoft, Adobe was the first of the two to roll out an update. On November 8, Adobe again released another security update categorized as “critical” and it addresses nine code execution vulnerabilities that could allow an attacker to access a system that has been affected.
The Adobe Flash Player runs on Chrome OS, Linux, Mac and Windows. According to the Security Bulletin released by Adobe, all the players on those systems need to be updated. In particular, version 188.8.131.52 and early versions are the ones affected version for the desktop runtime Flash Player as well as the Flash Player on the Chrome browser, Microsoft Edge and Internet Explorer 11. For Linux systems, the version affected is 11.2.202643 and earlier.
Users of Windows and Mac can use the update mechanism in the product itself to get the latest version; or they can visit the Download Center of Adobe Flash Player. Linux users can also head to the Download Center to update their current player. Those who are using the Google Chrome browser will get their Flash updated when the new version of the browser is released. Users of Windows 10 and Windows 8.1 who are using either Microsoft Edge or Internet Explorer 11 will have their Flash Players updated automatically.
Adobe also encourages users to verify whether the Flash has really been bumped up to the latest version. This can be checked on the products About Flash Player page.
Flash has been relied on for years but the arrival of HTML5 which is hailed as better and more secure is threatening that. Still, a number of users remain and if you are one of them, make sure that you always update to the latest version.