Once again it is necessary to update Adobe Flash Player due to a critical vulnerability in the program. This vulnerability is being exploited in the wild in targeted attacks via a malicious Web page, or a Flash file embedded in a Microsoft Word or Microsoft Excel file delivered as an email attachment, targeting the Windows platform.
In addition to the necessity of updating Adobe Flash Player, it is also recommended that Adobe AIR be updated. Download link: Adobe AIR Version 2.6. To verify the version of Adobe AIR installed on your system, follow the instructions in the Adobe AIR TechNote.
The Flash Player update was included in Google Chrome Version 10.0.648.205. An update for Android is expected during the week of April 25, 2011.
Release date: April 15, 2011
Vulnerability identifier: APSB11-07
CVE number: CVE-2011-0611
Platform: All Platforms
Although Adobe suggests downloading the update from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted, if you prefer, the direct download links are as follows:
- IE: http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe
- Non-IE (Opera, Firefox etc) http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe
To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu.
Do this for each browser installed on your computer.
- Adobe Security Advisory: Security Update Available for Adobe Flash Player
- Adobe PSIRT Blog: Security update available for Adobe Flash Player (APSB11-07)