-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2013-0007 Title: Security Updates Available for Adobe Flash Player [1] Version history: 9.01.2013 Initial publication Summary ======= Adobe has released security updates for Adobe Flash Player 11.5.502.135 and earlier versions for Windows, Adobe Flash Player 11.5.502.136 and earlier versions for Macintosh, Adobe Flash Player 11.2.202.258 and earlier versions for Linux, Adobe Flash Player 11.1.115.34 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.29 and earlier versions for Android 3.x and 2.x. These updates address a vulnerability that could cause a crash and potentially allow an attacker to take control of the affected system. Vulnerable systems ================== Adobe Flash Player 11.5.502.135 and earlier versions for Windows Adobe Flash Player 11.5.502.136 and earlier versions for Macintosh Adobe Flash Player 11.2.202.258 and earlier versions for Linux Adobe Flash Player 11.1.115.34 and earlier versions for Android 4.x Adobe Flash Player 11.1.111.29 and earlier versions for Android 3.x and 2.x Adobe AIR 3.5.0.880 and earlier versions for Windows, Adobe AIR 3.5.0.890 and earlier versions for Macintosh and Adobe AIR 3.5.0.880 for Android Adobe AIR 3.5.0.880 SDK and Adobe AIR 3.5.0.890 SDK What can you do? ================ Adobe recommends users update their product installations to the latest versions: Users of Adobe Flash Player 11.5.502.135 and earlier versions for Windows should update to Adobe Flash Player 11.5.502.146. Users of Adobe Flash Player 11.5.502.136 and earlier versions for Macintosh should update to Adobe Flash Player 11.5.502.146. Users of Adobe Flash Player 11.2.202.258 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.261. Flash Player installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 11.5.31.137 for Windows, Macintosh and Linux. Flash Player installed with Internet Explorer 10 for Windows 8 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 11.3.378.5 for Windows. Users of Adobe Flash Player 11.1.115.34 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.36. Users of Adobe Flash Player 11.1.111.29 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.31. Users of Adobe AIR 3.5.0.880 and earlier versions for Windows should update to Adobe AIR 3.5.0.1060. Users of Adobe AIR 3.5.0.890 and earlier versions for Macintosh should update to Adobe AIR 3.5.0.1060. Users of the Adobe AIR SDK (includes AIR for iOS) should update to the Adobe AIR 3.5.0.1060 SDK. What to tell your users? ======================== Normal security best practices apply. Especially, inform your Web users to be cautious about attachments and following links to sites that are provided by unfamiliar or suspicious sources. Users are to be aware not to click on the link in suspicious emails; to immediately forward the suspicious email to the respective IT security officer / contact in your institution. More information ================ [1] http://www.adobe.com/support/security/bulletins/apsb13-01.html Best regards, CERT-EU Pre-configuration Team (http://cert.europa.eu) Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJQ7ZSmAAoJEPpzpNLI8SVov2EP/2bFfgD4l+zI9/IQ7Q4LPKoY MfnD3NLARs8Ck4bLpve8LEib5JxXISCG7d8W6qy4j3Uy1Fu6zJRkgVjjkQZtBCz/ pG6Gte/rq6qL7M3AqH15nIyTzRSg68UtWTmnJYEiUWUMN5wWyowO1qVcEsQuXjHd ccRCwzOreCJLnZcXhnpMIeWwEXTCOq0CKhssszYsk/MmtIiKyIKeqHVYb0s+bJWG EraTicXcopGhjWYHknLdlBhjhEx62g0Ya15ZEim8t3P4ohW/w0RX2hnSkJAUXl44 TujogvsKQGlwoz6Z/cdpDOVNWo2ASRHN7V4u2jr+J9/MAGAX+VDnAMewmRL9GH/N ll5Lk/xUYH63m6E1g60YKtse6w0UvBmo6FG88/Kn4HPTCT+RybptevOsEBw/xY87 cmRefHvsuHep7dbTqgUsN2QirF2tqlnT2VvMAEufvzKmJhaNf/WZABqQzmRX6Kj/ 1Uz4FE28p+A4YSI+3BGQzXpp7D5DtVWnfjgzw07WIWYx5a5vGI9A/PId/yqOt9/D 78Mb4bBVjwdsnSgLPbLJvYk6WEUQWLLofZ9zsO+0dsNvRtMXjQiMoF9Sw8TGg9Y+ teAXv3RINhQqBq6JUA5wN0RA22E2HaF+9DKuv2mMUG12ImBQo2dAVOJ5NgwCMbip 3svmR9+9J2wHWHN18Oi5 =kC+e -----END PGP SIGNATURE-----