1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Vulnerability protection

Adobe Flash Player security update

Report ID: AD201402001
Date Published: February 20 2014

Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote

Affected Product/Component:

Adobe Flash Player and earlier versions
    for Windows and Macintosh
Adobe Flash Player and earlier
    versions for Linux
Adobe AIR and earlier versions
    for Android
Adobe AIR SDK and earlier versions
Adobe AIR SDK & Compiler and
    earlier versions


Adobe has released security updates for Adobe Flash Player to address three critical vulnerabilities.

Detailed Description

Adobe has released the Adobe Flash Player updates (Windows), (Linux) and and (AIR), which resolve three critical vulnerabilities found in the prior version of the affecred products. These vulnerabilities could, separately, be used to bypass the Address Space Layout Randomization (ASLR) security feature or perform remote code execution.

Adobe has had reports of CVE-2014-0502 vulnerability circulating in the wild. Users are recommended to update their installations to the latest version of Adobe Flash Player as a security measure against exploit attempts.

CVE Reference

CVE-2014-0498, CVE-2014-0499 and CVE-2014-0502


Update to the latest version of applicable product, available from the Flash Player Download Center and AIR SDK Download

Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.