Adobe Flash Player 11.3.300.257 security update
Report ID: AD201206001
Date Published: 8 June 2012
Criticality: Critical
Compromise Type: remote-code-execution information-disclosure
Compromise From: remote
Affected Product/Component:
Adobe Flash Player 11.2.202.235 for Windows, Macintosh, and Linux
Adobe Flash Player 11.1.115.8 for Android 4.x
Adobe Flash Player 11.1.111.9 for Android 3.x and 2.x
Adobe AIR 3.2.0.2070 for Windows, Macintosh, and Android
Summary
Adobe Flash Player version 11.3.300.257 has been released to address multiple vulnerabilities found in the prior version of the product.
Detailed Description
Adobe has released Adobe Flash Player 11.3.300.257, which carries out fixes for multiple vulnerabilities found in the prior version of the products. Seven vulnerabilities in total were reported, one of which could lead to information disclosure while the remaining six could lead to remote code execution.
All identified issues have been fixed in the latest update. Users are recommended to get the latest version of Adobe Flash Player onto their system as a protection measure against potential exploit attempts.
CVE Reference
CVE-2012-2034, CVE-2012-2035, CVE-2012-2036, CVE-2012-2037, CVE-2012-2038, CVE-2012-2039, CVE-2012-2040
Solution
Update to the latest version of applicable product:
- Flash Player 11.3.300.257 (Windows and Macintosh) - Flash Player Download Center
- Flash Player 11.3.300.257 (network distribution) - Flash Player Licensing
- Flash Player 11.3.300.257 (Linux) - Flash Player Download Center
- Flash Player 11.1.115.9 (Android 4.x) - Google play*
- Flash Player 11.1.111.10 (Android 3.x and 2.x) - Google play*
- Flash Player 11.3.300.257 (Chrome) - Google Chrome Releases
- AIR 3.2.0.2070 - AIR Download Center
- AIR 3.2.0.2070 (Android) - Google play
* browse to on an Android device
F-Secure Health Check
F-Secure's free tool, the Health Check, detects if your system is missing the patch for the vulnerabilities covered in this report.
