security update for Adobe Flash Player

Number: AV16-183
Date: 8 November 2016

Purpose

The purpose of this advisory is to bring attention to the recently released security update for Adobe Flash Player.

Assessment

Adobe has released Security Bulletin APSB16-37 to address critical vulnerabilities that could allow an attacker to take control of the affected system. 

Affected software versions:

  • Adobe Flash Desktop Runtime 23.0.0.205 and earlier versions for Windows and Macintosh.
  • Adobe Flash Player for Google Chrome 23.0.0.205 and earlier versions of Windows, Macintosh, Linux and Chrome.
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 23.0.0.205 and earlier for Windows 10 and 8.1.
  • Adobe Flash Player for Linux versions 11.2.202.643 and earlier.

CVE References: CVE-2016-7857, CVE-2016-7858, CVE-2016-7859, CVE-2016-7860, CVE-2016-7861, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864, CVE-2016-7865

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

https://helpx.adobe.com/security/products/flash-player/apsb16-37.html

Date modified: