Number: AV16-049
Date: 11 March 2016
Purpose
The purpose of this advisory is to bring attention to the recently released security updates for Adobe Flash Player.
Assessment
Adobe has released Security Bulletin APSB16-08 to address critical vulnerabilities that could allow an attacker to take control of the affected system.
Affected Versions:
- Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier for Windows and Macintosh
- Adobe Flash Player Extended Support Release 18.0.0.329 and earlier for Windows and Macintosh
- Adobe Flash Player for Google Chrome 20.0.0.306 and earlier for Windows, Macintosh, Linux, and ChromeOS
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier for Windows 10
- Adobe Flash Player for Internet Explorer 11 20.0.0.306 and earlier for Windows 8.1
- Adobe Flash Player for Linux 11.2.202.569 and earlier for Linux
- AIR Desktop Runtime 20.0.0.260 and earlier for Windows and Macintosh
- AIR SDK 20.0.0.260 and earlier for Windows, Macintosh, Android, and iOS
- AIR SDK & Compiler 20.0.0.260 and earlier for Windows, Macintosh, Android, and iOS
- AIR for Android 20.0.0.233 and earlier for Android
CVE References: CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010
Suggested action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html