Another Adobe Security Bulletin

HardOCP News · Feb 12, 2016

Adobe, the number one manufacturer of critical vulnerabilities in the world, announced yesterday that it has released another patch for Adobe Flash Player.

Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier Windows and Macintosh

Adobe Flash Player Extended Support Release 18.0.0.326 and earlier Windows and Macintosh

Adobe Flash Player for Google Chrome 20.0.0.286 and earlier Windows, Macintosh, Linux and ChromeOS

Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier Windows 10

Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier Windows 8.1

Adobe Flash Player for Linux 11.2.202.559 and earlier Linux

AIR Desktop Runtime 20.0.0.233 and earlier Windows and Macintosh

AIR SDK 20.0.0.233 and earlier Windows, Macintosh, Android and iOS

AIR SDK & Compiler 20.0.0.233 and earlier Windows, Macintosh, Android and iOS

Ocellaris · Feb 12, 2016

Vulnerability Details
These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2016-0985).
These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984).
These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-0971).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981).

I can't wait to see the Flash post mortem in a couple of years where Adobe explains how they managed to have so many vulnerabilities over such a long period of time in one piece of software.

Merc1138 · Feb 12, 2016

systemvipers said:
man that sucks, you need Adobe Flash Player for a lot of things and i didn't know it was that bad...

Really? It's been one of the biggest sources of computer vulnerabilities since... ever. It's honestly kind of amazing that something primarily used for animations and crap can even have so many vulnerabilities.

striker444 · Feb 12, 2016

Die flash, die. Been flash free for almost a year now, haven't looked back.

OutOfPhase · Feb 12, 2016

Flash. Flash never changes.

"Vulnerabilities in Flash" is the tech-world version of "Violence in the Middle-East".

naib · Feb 12, 2016

Flash ahhahh, shittest framework in the universe

AK0tA · Feb 13, 2016

Just because I am lazy and don't know, is there a better alternative for one to use than adobe flash? Something even a little bit secure?

polonyc2 · Feb 13, 2016

they've been releasing monthly Flash updates along with Windows Update for years now

Sp33dFr33k · Feb 13, 2016

AK0tA said:
Just because I am lazy and don't know, is there a better alternative for one to use than adobe flash? Something even a little bit secure?

Not to play Flash content.

Personally I haven't used flash in more than 4 years and it's never really been an issue. Once YouTube ditched it I really had no need for it. If I site required it for some reason I would load it up on a virtual machine and uninstall it after.

Another Adobe Security Bulletin

HardOCP News

[H] News

Ocellaris

Fully [H]

Merc1138

2[H]4U

striker444

Gawd

OutOfPhase

Supreme [H]ardness

naib

[H]ard|Gawd

AK0tA

Gawd

polonyc2

Fully [H]

Sp33dFr33k

2[H]4U