Resolution for Recent Flash Player Vulnerabilities

A few days ago we were notified of two vulnerabilities within the Flash Player that could potentially allow an attacker to take control of an affected system. Upon investigation, we confirmed and fixed the issues, and took steps to ensure that this class of attack cannot be used as a future attack vector.

We released an update to Flash Player this morning, and are proactively pushing the update out to users. We are also working with browser vendors to distribute the updated player. You can grab the latest version of the Flash Player here.

We would like to thank Dhanesh Kizhakkinan of FireEye and Peter Pi of TrendMicro and slipstream/RoL for reporting the issues and working with us to help us quickly address them.

Flash Player is one of the most ubiquitous and widely distributed pieces of software in the world, and as such, is a target of malicious hackers. We are actively working to improve Flash Player security, and as we did in this case, will work to quickly address issues when they are discovered.

We continue to partner with browser vendors to both improve Flash Player security as well as invest in, contribute to and support more modern technologies such as HTML5 and JavaScript.