Adobe patches two critical holes in Flash Player, adds automatic update option

Adobe issued Priority 2 updates that patched two critical security holes in Adobe Flash Player 11.1.102.63 and earlier versions for Windows, Mac, Linux and Solaris, and Adobe Flash Player 11.1.111.7 and earlier versions for Android 3.x and 2.x. The memory corruption vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system, according to the security bulletin.

Priority 2 means that the flaws are not currently being exploited. The priority ranking is a new advisory system unveiled by Adobe last month.

In addition, Adobe added a background security updater for Windows platforms. “This new background updater will allow Windows users to choose an automatic update option for future Flash Player updates….Improving the update process is probably the single most important challenge we can tackle for our customers at this time”, explained Adobe’s Peleus Uhley in a blog.

“The new background updater will provide a better experience for our customers, and it will allow us to more rapidly respond to zero-day attacks. This model for updating users is similar to the Google Chrome update experience, and Google has had great success with this approach. We are hoping to have similar success", he added.

Uhley noted that a background security updater for Macs is “currently under development.”
 

What’s Hot on Infosecurity Magazine?