A Security Bulletin (APSB15-02) has been published regarding security updates for Adobe Flash Player. These updates address a vulnerability (CVE-2015-0310) that could be used to circumvent memory randomization mitigations on the Windows platform. Adobe is aware of reports that an exploit for CVE-2015-0310 exists in the wild, which is being used in attacks against older versions of Flash Player.
Adobe recommends users apply these updates for their product installations.
Additionally, we are investigating a report that a separate exploit for Flash Player 22.214.171.1247 and earlier versions also exists in the wild.
UPDATED January 22: A Security Advisory (APSA15-01) has been published regarding a critical vulnerability (CVE-2015-0311) in Adobe Flash Player 126.96.36.1997 and earlier versions for Windows, Macintosh and Linux. Please refer to this blog post for the latest information.
This posting is provided “AS IS” with no warranties and confers no rights.