Menu Close

Adobe Flash Player Version 21.0.0.242 Released

Harris

Adobe Flash Player ​version 21.0.0.242 has been released by Adobe Systems.  Adobe Flash Player is a cross-platform browser-based application runtime that is required for viewing of certain applications, content, and videos.

 

Fixed Issues

  • Truncation and printing issues on http://www.usflashmap.com/ (4129993)
  • [Pepper Only] Issues with Custom Right click handling of flash player (4136373)
  • Space metacharacter (s) is no longer including non-breaking spaces (xA0) (4137804)

Known Issues

  • Flash Player quits if the “totalFrames” property of a loaded volatile MovieClip is accessed (4127339)

 



Security Updates

Adobe has released security updates for Adobe Flash Player for Windows.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. 
Adobe is aware of a report that an exploit for CVE-2016-4117 exists in the wild. Please refer to APSA16-02 for additional details.

  • Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows update to 21.0.0.242
  • Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 21.0.0.242 for Windows.
  • Adobe Flash Player installed with Microsoft Edge and Internet Explorer for Windows 10 and 8.1 will be automatically updated to the latest version, which will include Adobe Flash Player 21.0.0.242. 

 

 

Vulnerability Details

  • These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1105, CVE-2016-4117).

  • These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4110).

  • These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-1101).

  • These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2016-1103).

  • These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115).

  • These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4116).

 

Adobe Flash Player is one of the applications that is managed and updated by ODS.  If you are a current customer, ODS will automatically update your version of Adobe Flash Player over the next few days.  ODS will deploy both the ActiveX version and the Plugin version.  This ensures that Adobe Flash Player will function with web browsers including Internet Explorer, Firefox, and Chrome.  The update will install silently.  No user interaction is required.  There are no additional fees or charges for ODS to update your version of Adobe Flash Player. 

Creative Commons License
H Tech Solutions Blog by Harris Schneiderman is licensed under a Creative Commons Attribution 4.0 International License.
Permissions beyond the scope of this license may be available at https://htechsolutions.biz/contact-us