Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Flash Player dirty dozen: Adobe plugs code execution holes

11 Nov 2011   #1
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1 Pro
 
 
Flash Player dirty dozen: Adobe plugs code execution holes

Quote:
Adobe has issued a warning for a dozen serious security vulnerabilities in its widely distributed Flash Player software.

The security holes, which affect Windows, Mac OS X, Linux and Solaris users, could allow remote code execution attacks via rigged Flash Player files.

The company shipped Flash Player 11.1.102.55 with patches for the 12 documented vulnerabilities.
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2445).
  • This update resolves a heap corruption vulnerability that could lead to code execution (CVE-2011-2450).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2451).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2452).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2453).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2454).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2455).
  • This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2456).
  • This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2011-2457).
  • This update resolves a vulnerability that could lead to a cross-domain policy bypass (Internet Explorer-only) (CVE-2011-2458).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2459).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2460).
Adobe has slapped a “critical” rating on this bulletin and recommends that all affected users apply the patch immediately.
Article:
Flash Player dirty dozen: Adobe plugs code execution holes | ZDNet


My System SpecsSystem Spec
11 Nov 2011   #2
marsmimar

Microsoft Community Contributor Award Recipient

Win 7 Pro 64-bit
 
 

Secunia PSI alerted me to the update this morning. Thanks for alerting those who may not use Secunia.
My System SpecsSystem Spec
11 Nov 2011   #3
legacy7955

win 7 home premium 64 bit
 
 

That is the nice thing about Google Chrome....I checked and my Adobe Flash is already updated via Chrome.

Oddly Java was not, but it shows you in the plug ins a warning about security update required.
My System SpecsSystem Spec
12 Nov 2011   #4
Windows i7 920

Windows 8 Pro x64
 
 

Quote   Quote: Originally Posted by legacy7955 View Post
That is the nice thing about Google Chrome....I checked and my Adobe Flash is already updated via Chrome.

Oddly Java was not, but it shows you in the plug ins a warning about security update required.
Firefox alerts me to Flash updates too. I'm not sure if "vanilla" Firefox does this or if its one of the many security extensions I have installed.
My System SpecsSystem Spec
Reply

 Flash Player dirty dozen: Adobe plugs code execution holes




Thread Tools





Similar help and support threads
Thread Forum
Dirty Dozen Spampionship – which country is spewing the most spam?
Source A Guy
Security News
Dirty Dozen spam sending nations - find where you finished
http://i39.tinypic.com/2ztm03m.png Source A Guy
Security News
Adobe warns of 'critical' Flash Player security holes 3/6/12
Source: Adobe warns of 'critical' Flash Player security holes | ZDNet
Security News
Adobe plugs critical holes in Shockwave Player
ZDNet Adobe plugs critical holes in Shockwave Player | ZDNet Update your plugins! Maybe SevenForums should start a separate "Adobe" category in the forum directory. ;)
Security News
Microsoft Plugs Office Holes, But No IE Fix Yet
More - Microsoft Plugs Office Holes, But No IE Fix Yet — Krebs on Security
Browsers & Mail
Researcher spies new Adobe code execution bug.
Source - Researcher spies new Adobe code execution bug ? The Register
Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 11:54.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App