[SingCERT] June 2015 Out-of-Band Security Updates for Adobe Flash Player

Published on Wednesday, 24 June 2015 17:00

[ Background ]

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address a critical vulnerability (CVE-2015-3113) that could potentially allow an attacker to take control of the affected systems. Systems running Internet Explorer for Windows 7 and below, as well as Firefox on Windows XP are known targets.


[ Affected Software ]

  • Adobe Flash Player 18.0.0.161 and earlier versions for Windows and Macintosh
  • Adobe Flash Player Extended Support Release version 13.0.0.292 and earlier 13.x versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.466 and earlier 11.x versions for Linux

[ Solution/Workaround ]

Update Adobe Flash Player to the latest version.


[ References ]

https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html
http://www.zdnet.com/article/flash-zero-day-flaw-exploited-in-the-wild-users-advised-to-update/