JPCERT-AT-2015-0024
JPCERT/CC
2015-07-15(Initial)
2015-07-16(Update)
<<< JPCERT/CC Alert 2015-07-15 >>>
Vulnerabilities in Adobe Flash Player (APSB15-18)
https://www.jpcert.or.jp/english/at/2015/at150024.html
I. Overview
Adobe Systems has released security updates to address multiple
vulnerabilities in Adobe Flash Player (APSB15-18). A remote
attacker may cause Adobe Flash Player to crash or execute arbitrary
code by convincing a user to open specially crafted contents
leveraging these vulnerabilities. For more information on the
vulnerabilities, please refer to the information provided by
Adobe Systems.
Security updates available for Adobe Flash Player
https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
II. Affected Products
The following versions are affected by these vulnerabilities:
- Adobe Flash Player 18.0.0.203 and earlier
(Internet Explorer, Google Chrome, Mozilla Firefox, etc)
III. Solution
Please update Adobe Flash Player to the latest version listed below:
- Adobe Flash Player 18.0.0.209
(Internet Explorer, Google Chrome, Mozilla Firefox, etc)
Note that Google Chrome contains Adobe Flash Player by default.
Also, the latest version of Adobe Flash Player will be updated when
Google Chrome is updated. For more information, please refer to the
following:
Adobe Flash Player Download Center
https://get.adobe.com/flashplayer/
Google Chrome Releases
Stable Channel Update
http://googlechromereleases.blogspot.jp/2015/07/stable-channel-update_14.html
** Update: 07/16/2015 Update *****************************************
Today, Adobe Flash Player Update has been published for Internet
Explorer 10 for Windows 8 and Internet Explorer 11 for Windows 8.1.
Please apply the update as soon as possible by using Microsoft Update etc.
Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
https://technet.microsoft.com/en-us/library/security/2755801
**********************************************************************
Users can check the version of Adobe Flash Player that they are
using at the following link:
Adobe Flash Player: Version Information
https://www.adobe.com/software/flash/about/
* Even if you use a web browser other than Internet Explorer, there is
software that uses Adobe Flash Player installed for Internet
Explorer, such as Microsoft Office, so please update Adobe Flash
Player for Internet Explorer.
IV. References
** Update: 07/16/2015 Update *****************************************
Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
https://technet.microsoft.com/en-us/library/security/2755801
**********************************************************************
Google Chrome Releases
Stable Channel Update
http://googlechromereleases.blogspot.jp/2015/07/stable-channel-update_14.html
If you have any information regarding this alert, please contact
JPCERT/CC.
________
Revision History
2015-07-15 First edition
2015-07-16 Updated "Solution" and "References"
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/
Top