|
Issues addressed by the update include multiple memory corruption vulnerabilities that could lead to code execution (including one that was specific to Windows and ActiveX), a denial of service vulnerability with potential for arbitrary code execution, an input validation vulnerability that could lead to a bypass of cross-domain policy file restrictions, a library-loading vulnerability with potential code execution, and an information disclosure vulnerability that was specific to Safari on Mac OS X.
"Adobe recommends users of Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris update to Adobe Flash Player 10.1.102.64," company officials said. Adobe Flash Player 10.1.85.3 was released on September 20.
The new version of Flash Player is available here. Windows users can obtain the update through Flash Player's auto-update mechanism, and Linux users may find it pushed out via their distro's updater.
There is also an updated version of Flash Player 9 for those who cannot move to version 10 for some reason. It is available here.