security updates for Multiple Adobe Products

Number: AV16-141
Date: 13 September 2016

Purpose

The purpose of this advisory is to bring attention to the recently released security updates for multiple Adobe products.

Assessment

Adobe has released Security Bulletins APSB16-28, APSB16-29, and APSB16-30 to address critical vulnerabilities that could allow an attacker to take control of vulnerable systems. All OS platforms are reported as being impacted.

Affected software versions:

  • Adobe Digital Editions 4.5.1 and earlier versions
  • Adobe Flash Player Desktop Runtime 22.0.0.211 and earlier (Windows and Macintosh)
  • Adobe Flash Player Extended Support Release 18.0.0.366 and earlier (Windows and Macintosh)
  • Adobe Flash Player for Google Chrome 22.0.0.211 and earlier (Windows, Macintosh, Linux and ChromeOS)
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 22.0.0.211 and earlier (Windows 10 and 8.1)
  • Adobe Flash Player for Linux 11.2.202.632 and earlier
  • Adobe AIR SDK & Compiler 22.0.0.153 and earlier

CVE References: CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, CVE-2016-4262, CVE-2016-4263, CVE-2016-4182, CVE-2016-4237, CVE-2016-4238, CVE-2016-4271, CVE-2016-4272, CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4277, CVE-2016-4278, CVE-2016-4279, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-4287, CVE-2016-6921, CVE-2016-6922, CVE-2016-6923, CVE-2016-6924, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, CVE-2016-6932, CVE-2016-6936

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

Adobe Security Bulletin:

Date modified: