Saturday, January 24, 2015

Second Out-of-Band Adobe Flash Player Update

Adobe Flashplayer

Although not expected until next week, Adobe has released the update addressing a Zero-Day being distributed through the Angler Exploit Kit in Adobe Flash Player.  The vulnerability was discovered by security researcher Kafeine (See Unpatched Vulnerability (0day) in Flash Player is being exploited by Angler EK | Malware don't need Coffee) and applies to Adobe Flash Player and earlier versions for Windows and Macintosh and Adobe Flash Player and earlier versions for Linux.

Although the update has been released early, it is only available 
for those who have Flash Player set to auto-update.  The direct download links are not expected to be available until next week. 

To set Flash Player to auto-update, do the following:
  • Windows: click Start > Settings > Control Panel > Flash Player
  • Macintosh: System Preferences (under Other) click Flash Player
  • Linux Gnome: System > Preferences > Adobe Flash Player
  • Linux KDE: System Settings > Adobe Flash Player

Edit Note:  (1/25/2015) The direct download links are now available.  See below.

Adobe is working with Google Chrome and Microsoft to provide the update for Chrome and Internet Explorer on Windows 8.x and Windows 10 Technical Preview. 

Update Information:

Release date: January 22, 2015
Last updated: January 24, 2015
Vulnerability identifier: APSA15-01
CVE number: CVE-2015-0311
Platform: All Platforms

The direct download links:
Verify Installation:

To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu. 

Do this for each browser installed on your computer.

To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

1 comment:

bhringer said...