Adobe has released its second critical patch in a week for Flash to cover six vulnerabilities.
Updates are available for the Windows, Mac, Linux and Android platforms. Adobe has also released patches for three flaws in the Air product. Windows and Mac users will need to update to v. 11.4.402.265, while the Flash Player installed with Google Chrome should automatically be updated to the latest Chrome version, which will include Adobe Flash Player v. 220.127.116.11 for Windows and Linux and Flash Player v. 11.4.402.265 for Mac.
Windows and Mac users will be able to update to Adobe Air 18.104.22.1680.
Wolfgang Kandek, CTO of Qualys, said that five of the flaws are categorised as ‘critical' and can lead to remote code execution on the attacked machine.
“We recommend installing the update as quickly as possible, at least on the Windows platform where it carries the highest priority rating of ‘one', with an associated recommended patch turnaround time of 72 hours,” he said.
“Overall the release will be a bit of a surprise for IT administrators, as we had a Flash Player release last week during the normal Patch Tuesday, together with the new versions of Acrobat/Reader and Shockwave Player. We believe that last week's release was an out-of-band emergency fix to address a specific vulnerability under abuse in the wild and that could not be integrated with this bigger release.”