Number: AV18-026
Date: 6 February 2018
Purpose
The purpose of this advisory is to bring attention to a recently published Adobe security bulletin.
Assessment
Adobe has released an update that fixes a vulnerability in Flash Player. A remote user could exploit this vulnerability and cause the execution of arbitrary code.
Affected Versions:
- Adobe Flash Player Desktop Runtime 28.0.0.137 and earlier
- Adobe Flash Player for Google Chrome 28.0.0.137 and earlier
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11 28.0.0.137 and earlier
CVE References: CVE-2018-4877, CVE-2018-4878
Suggested action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References
https://helpx.adobe.com/security/products/flash-player/apsb18-03.html