Adobe has released an update for Adobe Flash Player that is categorized as Critical Priority 2.
- Critical: A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware.
- Priority 2: This update resolves vulnerabilities in a product that has historically been at elevated risk. There are currently no known exploits. Adobe recommends administrators install the update soon (for instance, within 30 days).
The vulnerability affects the following versions of Adobe Flash Player.
- Adobe Flash Player 18.104.22.168 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 22.214.171.124 and earlier versions for Android 3.x and 2.x
Adobe recommends users of Adobe Flash Player 126.96.36.199 and earlier versions for Windows, Macintosh and Linux update to Adobe Flash Player 188.8.131.52. Users of Adobe Flash Player 184.108.40.206 and earlier versions for Solaris should update to Adobe Flash Player 220.127.116.11. Departments participating in the Secunia Service from ITS will receive the update through WSUS when it becomes available.
For users who cannot update to Flash Player 18.104.22.168, Adobe has developed a patched version of Flash Player 10.3, Flash Player 10.3.183.18. Users with Flash Player 9 or previous should upgrade to Flash Player 10 or 11 as soon as possible.
Users of Adobe Flash Player 22.214.171.124 and earlier versions for Android 3.x and earlier versions should update to Flash Player 126.96.36.199 by browsing to the Android Marketplace on an Android device.
For more information on this update, read Adobe's Security Bulletin APSB12-07 (http://www.adobe.com/support/security/bulletins/apsb12-07.html)