Security updates available for Adobe Flash Player Release date: September 9, 2014 Vulnerability identifier: APSB14-21 http://helpx.adobe.com/security/products/flash-player/apsb14-21.html ----------- Release Notes: http://helpx.adobe.com/flash-player/release-note/fp_15_air_15_release_notes.html
Here I thought Pepper Flash would get my Linux system up-to-date as well, but currently it ain't so: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761022
UPDATE: Upcoming Security Updates for Adobe Reader and Acrobat (APSB14-20) Those running the software can expect updates via your normal Adobe channels later today - September 15.
Adobe Reader 11.0.09 update - All languages | This is not the Adobe FTP. http://www.adobe.com/support/downloads/detail.jsp?ftpID=5840 The update is also available via the internal update mechanism. Open Adobe Reader, from the Help Menu, select - Help | Check for updates. Advanced users: may disable AdobeARM from MSCONFIG so that the software is not needlessly pinging the update server ... (phoning home)
Internet Explorer (and other browsers that support Internet Explorer ActiveX controls and plug-ins) = 15.0.0.167 Internet Explorer (Windows 8 ) = 15.0.0.167 http://www.adobe.com/software/flash/about/ ------------------------------------------ Adobe Flash Player - Release Notes: http://helpx.adobe.com/flash-player/release-note/fp_15_air_15_release_notes.html Microsoft Security Advisory 2755801 Update for Vulnerabilities in Adobe Flash Player in Internet Explorer Published: September 21, 2012 | Updated: September 23, 2014 https://technet.microsoft.com/library/security/2755801 ------------------- Description of the update for Adobe Flash Player in Internet Explorer: September 23, 2014 https://support.microsoft.com/kb/2999249
Adobe Flash Player updates available for OS X on September 23, 2014 http://support.apple.com/kb/HT5655
Adobe Flash Player 15.0.0.189 Release Notes: http://helpx.adobe.com/flash-player/release-note/fp_15_air_15_release_notes.html Edit: Adobe Security Bulletin Security updates available for Adobe Flash Player Release date: October 14, 2014 Vulnerability identifier: APSB14-22 http://helpx.adobe.com/security/products/flash-player/apsb14-22.html
Adobe Flash Player 15.0.0.223 Edit: http://helpx.adobe.com/security/products/flash-player/apsb14-24.html ------------- Release Notes: http://helpx.adobe.com/flash-player/release-note/fp_15_air_15_release_notes.html
APSB14-26: Security updates available for Adobe Flash Player https://helpx.adobe.com/security/products/flash-player/apsb14-22.html
http://helpx.adobe.com/security/products/flash-player/apsb14-26.html ----------- Release Notes: http://helpx.adobe.com/flash-player/release-note/fp_15_air_15_release_notes.html .
The Adobe Flash release was in effect, out-of-band. Second time's a charm: Adobe has another go at killing Flash hijack flaw
Reader 11.0.10 is available less the third party offerings. Please deselect these at all times ! http://get.adobe.com/reader/ Advanced users may deselect AdobeARM from MSCONFIG and reboot. This prevents the software from "phoning home" for updates. Also disable automatic updates from the preferences panel. None of this hinders the ability to update the software.
Flash auto-updated to 15.0.0.246 here, which seems to indicate that this is a security update for the 15.x branch and users don't necessarily need the new 16 version for security. The security bulletin lists 15.0.0.242 and lower under Affected software versions, so .246 seems safe. However, the summary mentions that users of .246 are already protected against CVE-2014-9163, but nothing about the 5 other CVE's, which leads me to the conclusion that it is vulnerable to those. Btw, with Flash player 16, the PPAPI version also became stable. It is however not available on the clean installers page which is not allowed to be linked here, I could only find it here: https://get.adobe.com/flashplayer/otherversions/