You are here

Adobe Releases Security Updates – Updated October 9, 2018

Adobe Releases Security Updates – Updated October 9, 2018

Created: Tuesday, October 9, 2018 - 17:18
Categories:
Cyber Security, Federal & State Resources

October 9, 2018

Adobe has released security updates to address vulnerabilities in Adobe Digital Editions, Framemaker, and Technical Communications Suite. An attacker could exploit these vulnerabilities to take control of an affected system. The NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-27, APSB18-37, and APSB18-38 and apply the necessary updates. NCCIC/US-CERT.

October 1, 2018

Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-30 and apply the necessary updates. NCCIC/US-CERT.

September 11, 2018

Adobe has released security updates to address vulnerabilities in Adobe Flash Player and ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-31 and APSB18-33 and apply the necessary updates. NCCIC/US-CERT.

August 14, 2018

Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader, Adobe Experience Manager, Adobe Flash Player, and Adobe Creative Cloud Desktop Application. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-20APSB18-25APSB18-26, and APSB18-29, and apply the necessary updates. NCCIC/US-CERT.

June 7, 2018
Adobe has released security updates to address vulnerabilities in Flash Player. A remote attacker could exploit these vulnerabilities to take control of an affected system. The NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-19 and apply the necessary updates. NCCIC/US-CERT.

May 14, 2018

Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader and Photoshop CC. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-09 and APSB18-17 and apply the necessary updates. NCCIC/US-CERT.

May 8, 2018

Adobe has released security updates to address vulnerabilities in Adobe Connect, Adobe Flash Player, and Adobe Creative Cloud Desktop Application. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-18APSB18-16, and APSB18-12 and apply the necessary updates. NCCIC/US-CERT.

April 10, 2018

Adobe has released security updates to address vulnerabilities in Adobe PhoneGap Push Plugin, Adobe Digital Editions, Adobe InDesign, Adobe Experience Manager, and Adobe Flash Player. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-15APSB18-13APSB18-11APSB18-10, and APSB18-08, and apply the necessary updates. NCCIC/US-CERT.

February 13, 2018

Adobe has released security updates to address vulnerabilities in Adobe Experience Manager. A remote attacker could exploit these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-04 and apply the necessary updates. US-CERT.

February 6, 2018

Adobe has released security updates to address vulnerabilities in Flash Player. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-03 and apply the necessary updates. US-CERT.

January 9, 2018

Adobe has released security updates to address a vulnerability in Flash Player. A remote attacker could exploit this vulnerability to obtain sensitive information. NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-01 and apply the necessary updates. US-CERT.

November 14, 2017

Adobe has released security updates to address vulnerabilities in Flash Player, Photoshop CC, Adobe Connect, DNG Converter, InDesign, Digital Editions, Shockwave Player, and Experience Manager. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-33APSB17-34APSB17-35APSB17-37APSB17-38APSB17-39APSB17-40, and APSB17-41, and apply the necessary updates. US-CERT.

October 16, 2017
 
Adobe has released security updates to address a vulnerability in Adobe Flash Player. A remote attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin APSB17-32 and apply the necessary updates. US-CERT.
 
September 12, 2017

Adobe has released security updates to address vulnerabilities in Adobe RoboHelp, Flash Player, and ColdFusion. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-25APSB17-28, and APSB17-30 and apply the necessary updates. US-CERT.

August 8, 2017
 

Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Acrobat, Reader, Experience Manager, and Digital Editions. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-23APSB17-24APSB17-26, and APSB17-27 and apply the necessary updates. US-CERT.

July 11, 2017
 

Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe Connect. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB17-21 and APSB17-22 and apply the necessary updates. US-CERT.

June 13, 2017
 

Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Shockwave Player, Captivate, and Digital Editions. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-17APSB17-18APSB17-19, and APSB17-20 and apply the necessary updates. US-CERT.

May 9, 2017
 

Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe Experience Manager Forms. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB17-15 and APSB17-16 and apply the necessary updates. US-CERT.

 
April 26, 2017
 

Adobe has released security updates to address a vulnerability in ColdFusion. Exploitation of this vulnerability may allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review Adobe Security Bulletin APSB17-14 and apply the necessary updates. US-CERT.

April 11, 2017
 

Adobe has released security updates to address vulnerabilities in Adobe Campaign, Flash Player, Acrobat and Reader, Photoshop CC, and Creative Cloud. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB17-09APSB17-10APSB17-11APSB17-12, and APSB17-13 and apply the necessary updates. US-CERT.

March 14, 2017
 

Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Shockwave Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-07 and APSB17-08 and apply the necessary updates. US-CERT.

February 14, 2017
 
Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Digital Editions, and Campaign. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-04APSB17-05, and APSB17-06 and apply the necessary updates. US-CERT.
 
January 10, 2017
 
Adobe has released security updates to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-01 and APSB17-02 and apply the necessary updates. US-CERT.
 
December 14, 2016
 
Adobe has released security updates to address vulnerabilities in multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages Users and administrators to review Adobe Security Bulletins APSB16-38, APSB16-39, APSB16-40, APSB16-41, APSB16-42, APSB16-43, APSB16-44, APSB16-45, and APSB16-46 and apply the necessary updates. US-CERT.
 
November 8, 2016
 
Adobe has released security updates to address vulnerabilities in Flash Player and Connect. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB16-37 and APSB16-35 and apply the necessary updates. US-CERT.
 
October 26, 2016
 
Adobe has released a security update to address a vulnerability in Flash Player. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin APSB16-36 and apply the necessary update. US-CERT.
 
October 11, 2016
 
US-CERT has alerted users to Adobe’s security updates to address vulnerabilities in Flash Player and the Creative Cloud Desktop Application. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB16-32 and APSB16-34 and apply the necessary updates. US-CERT.
 
September 13, 2016
 
US-CERT has alerted users to Adobe’s security updates to address vulnerabilities in Digital Editions, Flash Player, and Air SKD & Compiler software. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-28, APSB16-29, and APSB16-31 and apply the necessary updates. US-CERT.
 
August 30, 2016
 
US-CERT has alerted users to Adobe's security updates to address a vulnerability in ColdFusion. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB16-30 and apply the necessary updates. US-CERT.
 
July 12, 2016
 
US-CERT has posted an alert on Adobe’s security updates to address vulnerabilities in Acrobat, Flash Player, Reader, and XMP Tookit for Java. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-24, APSB16-25, and APSB16-26 and apply the necessary updates. US-CERT.
 
June 17, 2016
 
US-CERT has alerted users to Adobe’s security updates to address vulnerabilities in Adobe Flash Player and Adobe AIR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. The critical vulnerability in Flash Player is being used in limited, targeted attacks. Kaspersky Lab has reported on an advanced persistent threat (APT) group called “ScarCruft” that is conducting these attacks. This APT group has been observed in several countries including the U.S., Russia, Nepal, South Korea, China, India, Kuwait, and Romania. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-18 and APSB16-23 and apply the necessary updates. US-CERT.
 
June 14, 2016
 
US-CERT has posted an alert on Adobe’s security updates to address vulnerabilities in DNG Software Development Kit (SDK), Brackets, Creative Cloud Desktop Application and Cold Fusion. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-19, APSB16-20, APSB16-21 and APSB16-22 and apply the necessary updates. US-CERT.
 
May 23, 2016
 
US-CERT has alerted users to Adobe’s security update to address a vulnerability in Adobe Connect for Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Adobe Security Bulletin APSB16-17 and apply the necessary update. US-CERT.
 
May 12, 2016
 
US-CERT has alerted users to Adobe’s updates to address vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB16-15  and apply the necessary updates. US-CERT.
According to open source reports, attackers used the previously unpatched flaw in Flash to infect victims with either Locky or Cerber ransomware. Until then, Locky spread primarily via spam with attachments enticing users to enable macros in Word documents that download the ransomware onto machines. Kaspersky.
 
May 10, 2016
 
US-CERT has alerted users to Adobe’s security updates to address vulnerabilities in Flash Player, ColdFusion, Acrobat, and Reader. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSA16-02, APSB16-14, and APSB16-16 and apply the necessary updates. US-CERT.
 
In related reporting, an exploit for an Adobe Flash vulnerability is openly available. PCworld.
 
April 13, 2016
 
US-CERT has posted an alert on security updates to address vulnerabilities in Flash Player, Creative Cloud Desktop Application, and RoboHelp Server. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB16-10, APSB16-11, and APSB16-12 and apply the necessary updates. US-CERT.
 
April 8, 2016
 
US-CERT has posted an alert on Adobe's security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB16-10 and apply the necessary updates. US-CERT.
 
According to Kaspersky, the latest zero-day vulnerability in Flash is being used to push ransomware, specifically Locky and Cerber. Kaspersky.
 
March 10, 2016
 
US-CERT has posted an alert on Adobe's security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin APSB16-08 and apply the necessary updates. US-CERT.
 
March 8, 2016
 
US-CERT has posted an alert on Adobe's security updates to address multiple vulnerabilities in Acrobat, Reader, and Digital Editions. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-09 and APSB16-06 and apply the necessary updates. US-CERT.
 
February 9, 2016
 
US-CERT has posted an alert regarding the latest Adobe security updates to address vulnerabilities in Connect, Experience Manager, Flash Player, and Photoshop CC and Bridge CC. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-07APSB16-05APSB16-04, and APSB16-03, and apply the necessary updates. US-CERT.
 
January 12, 2016
 
US-CERT has alerted users that Adobe has released security updates to address multiple vulnerabilities in Acrobat and Reader. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB16-02 and apply the necessary updates. US-CERT.
 
December 28, 2015
 
US-CERT has released an alert regarding Adobe's latest security updates to address multiple vulnerabilities in Flash Player. According to US-CERT, exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB16-01 (link is external) and apply the necessary updates. Additional reports indicate that targeted attacks have been observed against these vulnerabilities. US-CERT.
 
December 8, 2015
 
US-CERT has alerted users to the latest Adobe security updates. These updates address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-32 and apply the necessary updates. As reported by SC Magazine, these updates address a record number of 78 vulnerabilities, including five considered Priority 1 and five as Priority 3. US-CERT.
 
November 17, 2015
 
Adobe has released security updates to address multiple vulnerabilities in ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins for ColdFusionLiveCycle Data Services, and Adobe Premier Clip and apply the necessary updates. US-CERT.
 
November 10, 2015
 
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-28 and apply the necessary updates. US-CERT.
 
October 27, 2015
 
Adobe has released a security update for Adobe Shockwave Player. Exploitation of this vulnerability could potentially allow an attacker to take control of the affected system.  Users and administrators are encouraged to review Adobe Security Bulletin APSB15-26 and apply the necessary updates. US-CERT.
 
October 16, 2015
 
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-27 and apply the necessary updates. US-CERT.
 
October 13, 2015
 
US-CERT advises that Adobe has released security updates to address multiple vulnerabilities in Reader and Acrobat. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-24 and apply the necessary updates. US-CERT.
 
September 21, 2015
 
US-CERT advises that Adobe has released security updates to address multiple vulnerabilities in Flash Player for Windows, Macintosh, ChromeOS, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-23 and apply the necessary updates. US-CERT.
 
September 8, 2015
 
US-CERT advises that Adobe has released a security update to address vulnerabilities in Shockwave Player. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-22 and apply the necessary update. US-CERT.
 
August 28, 2015
 
US-CERT advises that Adobe has released a security update for ColdFusion to address a vulnerability. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are encouraged to review the Adobe Security Bulletin APSB15-21 and apply the necessary update. US-CERT.
 
August 18, 2015
 
US-CERT advises that Adobe has released a security update to address a vulnerability in LiveCycle Data Services versions 4.7, 4.6.2, 4.5, and 3.0.x. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system. US-CERT recommends that users and administrators review Adobe Security Bulletin APSB15-20 and apply the necessary updates. US-CERT.
 
July 14, 2015
 
US-CERT advises that Adobe has released a security update to address critical vulnerabilities in Shockwave Player for Windows and Macintosh. Exploitation of these vulnerabilities could allow an attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-17 and apply the necessary update. US-CERT.
 
July 11, 2015
 
US-CERT advises that Adobe Flash Player contains critical vulnerabilities within the ActionScript 3 opaqueBackground and BitmapData classes, which could allow a remote attacker to execute arbitrary code on a vulnerable system. Versions affected include Adobe Flash Player 9 through 18.0.0.204. Users and administrators are encouraged to review Adobe Security Advisory APSA15-04, as well as Vulnerability Notes VU#338736 and VU#918568 for workaround information. No patch is currently available. US-CERT.
 
July 8, 2015
 
US-CERT advises that Adobe has released security updates to address multiple vulnerabilities in Flash Player for Windows, Macintosh, and Linux. These include a critical vulnerability (CVE-2015-5119) in Adobe Flash Player 18.0.0.194 and earlier versions. Adobe is aware of a report that an exploit targeting CVE-2015-5119 has been made publicly available. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-16 and apply the necessary updates. US-CERT.
 
July 7, 2015
 
US-CERT advises that Adobe Flash Player contains a vulnerability within the ActionScript 3 ByteArray class, which can allow a remote attacker to execute arbitrary code on a vulnerable system. Versions affected include Adobe Flash Player 9.0 through 18.0.0.194. Users and administrators are encouraged to review Vulnerability Note VU#561288 for additional information. US-CERT.
 
June 23, 2015
 
US-CERT advises that Adobe has released security updates to address a critical vulnerability in Flash Player for Windows, Macintosh, and Linux. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-14 and apply the necessary updates. US-CERT.
 
June 16, 2015
 
US-CERT advises that Adobe has released security updates for Adobe Photoshop Creative Cloud (CC) and Bridge CC to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB15-12 and APSB15-13 and apply the necessary updates. US-CERT.
 
June 9, 2015
 
US-CERT advises that Adobe has released security updates to address multiple vulnerabilities in Flash Player for Windows, Macintosh, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.Users and administrators are encouraged to review Adobe Security Bulletin APSB15-1 and apply the necessary updates. US-CERT.
 
May 12, 2015
 
US-CERT advises that Adobe has released security updates to address multiple vulnerabilities in Flash Player, Reader, and Acrobat. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB15-09 and APSB15-10 and apply the necessary updates. US-CERT.
 
April 15, 2015
 
US-CERT advises that Adobe has released three security updates to address multiple vulnerabilities in Flash Player, ColdFusion, and Flex. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system, or lead to a reflected cross-site scripting attack. Users and administrators are encourages to review the relevant security bulletins and apply updates as necessary. US-CERT.
 
March 12, 2015
 
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-05(link is external) and apply the necessary updates.
 
February 5, 2015
 
US-CERT advises that Adobe has released security updates to address multiple vulnerabilities in Flash Player, one of which could allow a remote attacker to take control of an affected system. US-CERT.
 
January 26, 2015
 
US-CERT advises that Adobe has released Flash Player desktop version 16.0.0.296 to address a critical vulnerability in 16.0.0.287 and earlier versions for Windows and Macintosh. This vulnerability could allow an attacker to take control of the affected system. US-CERT.
 
November 25, 2014
 
Adobe has released security updates to address a vulnerability in Flash Player which could potentially allow a remote attacker to take control of an affected system. US-CERT.
 
November 11, 2014
 
Adobe has released security updates to address multiple vulnerabilities in Flash Player, one of which could potentially allow an attacker to take control of the affected system. US-CERT.
 
October 14, 2014
 
Adobe has released security updates to address multiple vulnerabilities in ColdFusion and Flash Player. Exploitation could allow attackers to take control of a vulnerable system. US-CERT.
September 9, 2014
 
US-CERT advises that Adobe has released security updates to address multiple vulnerabilities in Adobe Flash Player and Air for Windows, Macintosh and Linux. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system. US-CERT.
 
July 8, 2014
 
Adobe has released security updates to address multiple vulnerabilities in Flash Player and Air. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system. US-CERT.
 
June 10, 2014
 
Adobe has released security updates to address multiple vulnerabilities in Flash Player and Air. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system. US-CERT.
 
April 28, 2014
 
Active exploitation of a vulnerability in versions of Flash Player could potentially allow an attacker to take control of an affected system. Adobe has released security updates to address these vulnerabilities. Users and administrators are encouraged to review the security bulletin and apply the necessary updates. US-CERT.
 
April 9, 2014
 
Adobe has released updates to address multiple vulnerabilities in Adobe Flash Player and AIR. Exploitation of these vulnerabilities may allow an attacker to take control of the affected system. US-CERT
 
March 14, 2014
 
US-CERT has reported on security updates for Adobe Shockwave Player. These updates address vulnerabilities that could allow an attacker to take control of an affected system.

Security update for Adobe Shockwave Player

 
February 11, 2014
 
US-CERT advises that Adobe has released a security update to address a vulnerability in Adobe Shockwave Player 12.0.7.148 and earlier versions for Windows and Macintosh operating systems.  Exploitation of this vulnerability could allow an attacker to take control of the affected system.US-CERT recommends that users and administrators review the Adobe Security Bulletin and follow best practice security policies to determine which updates should be applied. US-CERT
 
February 4, 2014
 
US-CERT advises of security updates to address vulnerabilities for versions of Adobe Flash Player in Windows, Macintosh, and Linux. Exploitation of these vulnerabilities could allow an attacker to take control of an affected system. 

Read the advisory at US-CERT:

Adobe Flash Player

 
January 15, 2014
 
Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.05) and earlier versions for Windows and Macintosh to address multiple vulnerabilities affecting the following software versions:
  • Adobe Reader XI (11.0.05) and earlier 11.x versions for Windows and Macintosh
  • Adobe Reader X (10.1.8) and earlier 10.x versions for Windows and Macintosh
  • Adobe Acrobat XI (11.0.05) and earlier 11.x versions for Windows and Macintosh
  • Adobe Acrobat X (10.1.8) and earlier 10.x versions for Windows and Macintosh
Exploitation of these vulnerabilities could lead to a crash or potentially allow an attacker to take control of the affected system.
US-CERT recommends that users and administrators review Adobe Security Bulletin APSB14-01 and follow best practice security policies to determine which updates should be applied.

Adobe has also released security updates for Adobe Flash Player (11.9.900.170) and earlier versions for Windows, Macintosh, Adobe Flash Player (11.2.202.332), and Linux to address multiple vulnerabilities that may allow an attacker to take control of the affected system.  Affected software versions:

  • Adobe Flash Player 11.9.900.170 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.332 and earlier versions for Linux
  • Adobe AIR 3.9.0.1380 and earlier versions for Windows and Macintosh
  • Adobe AIR 3.9.0.1380 and earlier versions of Android
  • Adobe AIR 3.9.0.1380 SDK and earlier versions
  • Adobe AIR 3.9.0.1380 SDK & Compiler and earlier versions
US-CERT recommends that users and administrators review Adobe Security Bulletin APSB14-02 and follow best practice security policies to determine which updates should be applied.
 
December 10, 2013
 
Multiple vulnerabilities have been discovered in Adobe Flash Player that could allow an attacker to take control of the affected system. Successful exploitation could result in an attacker gaining the same privileges as the logged-on user. Depending on the users privileges, the attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Partners are encouraged to install the updates provided by Adobe. Read the security bulletin at Adobe.
 
November 12, 2013
 
Multiple vulnerabilities have been discovered in Adobe Flash Player that could allow an attacker to take control of the affected system. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploit attempts will likely cause denial-of-service conditions. Read the security bulletin at Adobe.