UPDATED: Security Advisory posted for Adobe Flash Player (APSA16-01)

A Security Advisory (APSA16-01) has been published regarding a critical vulnerability (CVE-2016-1019) in Adobe Flash Player.  UPDATE: Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 7 and Windows XP Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier.  A mitigation introduced in Flash Player 21.0.0.182 currently prevents exploitation of this vulnerability, protecting users running Flash Player 21.0.0.182 and later.

Adobe is planning to provide a security update to address this vulnerability as early as April 7.  For the latest information, users may continue to monitor the Adobe Product Security Incident Response Team blog.

This posting is provided “AS IS” with no warranties and confers no rights.

Comments are closed.