JPCERT-AT-2015-0018
JPCERT/CC
2015-06-24
<<< JPCERT/CC Alert 2015-06-24 >>>
Vulnerability in Adobe Flash Player (APSB15-14)
https://www.jpcert.or.jp/english/at/2015/at150018.html
I. Overview
Adobe Systems has released security updates to address a vulnerability
in Adobe Flash Player (APSB15-14). A remote attacker may cause Adobe Flash
Player to crash or execute arbitrary code by convincing a user to open
specially crafted contents leveraging this vulnerability. For more information
on the vulnerability, please refer to the information provided by Adobe
Systems.
Security updates available for Adobe Flash Player
https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
According to Adobe Systems, limited targeted attacks leveraging this
vulnerability have been observed in the wild.
II. Affected Products
The following versions are affected by this vulnerability:
- Adobe Flash Player 18.0.0.161 and earlier
(Internet Explorer, Google Chrome, Mozilla Firefox, etc)
III. Solution
Please update Adobe Flash Player to the latest version listed below:
- Adobe Flash Player 18.0.0.194
(Internet Explorer, Google Chrome, Mozilla Firefox, etc)
Note that Internet Explorer 10 for Windows 8, Internet Explorer 11
for Windows 8.1 and Google Chrome contain Adobe Flash Player by
default. The latest version of Adobe Flash Player will be applied
through Windows Update for Internet Explorer 10 for Windows 8 and
Internet Explorer 11 for Windows 8.1. Also, the latest version of
Adobe Flash Player will be updated when Google Chrome is updated. For
more information, please refer to the following:
Adobe Flash Player Download Center
https://get.adobe.com/flashplayer/
Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
https://technet.microsoft.com/en-us/library/security/2755801.aspx
Users can check the version of Adobe Flash Player that they are
using at the following link:
Adobe Flash Player: Version Information
https://www.adobe.com/software/flash/about/
* Even if you use a web browser other than Internet Explorer, there is
software that uses Adobe Flash Player installed for Internet
Explorer, such as Microsoft Office, so please update Adobe Flash
Player for Internet Explorer.
IV. References
Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
https://technet.microsoft.com/en-us/library/security/2755801.aspx
If you have any information regarding this alert, please contact
JPCERT/CC.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/
Top