JPCERT-AT-2014-0029
JPCERT/CC
2014-07-09
<<< JPCERT/CC Alert 2014-07-09 >>>
Vulnerabilities in Adobe Flash Player (APSB14-17)
https://www.jpcert.or.jp/english/at/2014/at140029.html
I. Overview
Adobe Flash Player contains multiple vulnerabilities. A remote
attacker may cause Adobe Flash Player to crash or execute arbitrary
code by convincing a user to open specially crafted contents
leveraging these vulnerabilities. For more information on the
vulnerabilities, please refer to the information provided by
Adobe Systems.
Security updates available for Adobe Flash Player
https://helpx.adobe.com/security/products/flash-player/apsb14-17.html
II. Affected Products
The following versions are affected by these vulnerabilities:
- Adobe Flash Player 14.0.0.125 and earlier (for Internet Explorer,
Google Chrome, etc.)
III. Solution
Please update Adobe Flash Player to the latest version listed below:
- Adobe Flash Player 14.0.0.145 (for Internet Explorer,
Google Chrome, etc.)
Note that Internet Explorer 10 for Windows 8, Internet Explorer 11
for Windows 8.1 and Google Chrome contain Adobe Flash Player by
default. The latest version of Adobe Flash Player will be applied
through Windows Update for Internet Explorer 10 for Windows 8 and
Internet Explorer 11 for Windows 8.1. Also, Adobe Flash Player will
be updated via Google Chrome component update system. However, it may
take days to complete the update, so please consider using other
web browsers to view contents which requires Adobe Flash Player until
the update is complete.
For more information, please refer to the following:
Adobe Flash Player Download Center
https://get.adobe.com/flashplayer/
Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
https://technet.microsoft.com/en-us/security/advisory/2755801
Google Chrome Releases
Flash Player Update
http://googlechromereleases.blogspot.jp/2014/07/flash-player-update.html
Users can check the version of Adobe Flash Player that they are
using at the following link:
Adobe Flash Player: Version Information
https://www.adobe.com/software/flash/about/
* Even if you use a web browser other than Internet Explorer, there is
software that uses Adobe Flash Player installed for Internet
Explorer, such as Microsoft Office, so please update Adobe Flash
Player for Internet Explorer.
IV. References
Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
https://technet.microsoft.com/library/security/2755801
Google Chrome Releases
Flash Player Update
http://googlechromereleases.blogspot.jp/2014/07/flash-player-update.html
If you have any information regarding this alert, please contact
JPCERT/CC.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/
Top