Latest Flash and Air update closes one critical hole

Adobe's June update schedule fixes just one vulnerability for Flash and Air, but it's critical. Discovered and reported by the Google security team, CVE-2013-3343 is a memory corruption vulnerability that could allow the execution of arbitrary code. A failed exploit is likely to crash the system.

Adobe is not aware of any exploits currently in the wild, but given the popularity of Flash exploits among attackers, users should patch as soon as possible.

Chrome and IE10 users will be updated automatically via the browser. Other users can check their current installed version by visiting the Flash Player page, and can update through the Player Download Center.

Adobe also announced that it is updating its extended support program from version 10 to version 11.7.x. Users wishing to continue to receive security updates should move to version 11.7 before the next scheduled update in July.

What’s Hot on Infosecurity Magazine?