Today’s Flash Player Security Bulletin discloses several new potential vulnerabilities, but please note that there is no new corresponding Flash Player update since the previous Security Bulletin. Adobe waited until an update to Adobe AIR, which embeds Flash Player, was available before disclosing this particular set of issues because the vulnerabilities in today's Security Bulletin APSB08-22 have more potential impact for the AIR product than the previously disclosed Flash Player issues from Security Bulletins APSB08-18 and APSB08-20. If you haven’t already, please update to Flash Player 10.0.12.36 (or Flash Player 9.0.151.0).
There is also an AIR Security Bulletin today, which includes an update to resolve an AIR-specific security issue and the aforementioned Flash Player issues. We recommend everyone update to Adobe AIR 1.5.
Finally, we have published a new Security Advisory for Flash Media Server customers. Adobe recommends Flash Media Server customers enable SWF verification to avoid potential video stream capturing by third-party software.
This posting is provided “AS IS” with no warranties and confers no rights.
Leave a comment