Adobe has released an emergency update that resolves 3 critical security vulnerabilities, including the one that was discovered by TrendMicro this week. All three of these vulnerabilities could allow an attacker to create a specially crafted web page that exploits the security holes in order to remotely execute code on the victims machine. This would allow the attacker to download files, execute commands, and have full control of the victim's computer.
This update was supposed to be released on October 19th, but as the vulnerabilities were actively being used to distribute malware or perform other attacks, Adobe pushed it out quicker. It is strongly suggested that anyone who uses Adobe Flash upgrade to the latest versions listed in the below table.
|Adobe Flash Player Desktop Runtime||126.96.36.199||Windows and Macintosh|
|Adobe Flash Player Extended Support Release||188.8.131.52||Windows and Macintosh|
|Adobe Flash Player for Google Chrome||184.108.40.206||Windows, Macintosh and Linux|
|Adobe Flash Player for Google Chrome||220.127.116.11||Chrome OS|
|Adobe Flash Player for Microsoft Edge and Internet Explorer 11||18.104.22.168||Windows 10|
|Adobe Flash Player for Internet Explorer 10 and 11||22.214.171.124||Windows 8.0 and 8.1|
|Adobe Flash Player for Linux||126.96.36.1990||Linux|