Adobe has released updates for Adobe Flash Player and a hotfix for ColdFusion. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
The IT Security Office advises that users update.
Adobe Flash Player 11.5.502.110 and earlier for Windows and Macintosh
Adobe Flash Player 184.108.40.206 and earlier versions for Linux
Adobe Flash Player 220.127.116.11 and earlier versions for Android 4.x
Adobe Flash Player 18.104.22.168 and earlier versions for Android 3.x and 2.x
Adobe AIR 22.214.171.1240 and earlier for Windows and Macintosh, Android and SDK (includes AIR for iOS)
ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX
Security bulletin names:
APSB12-27 – Security update available for Adobe Flash Player
APSB12-26 – Hotfix available for ColdFusion 10 and earlier
Released: December 11, 2012
Additional information about this vulnerability can be viewed at:
If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) or firstname.lastname@example.org. Email and phone help is available Mondays through Thursdays, 7:00 a.m. to 10:00 p.m.; Fridays, 7:00 a.m. to 7:00 p.m.; and Saturdays and Sundays, noon to 6:00 p.m.
OIT has defined the following categories to describe the severity of security risks:
URGENT severity represents a broad threat to the entire campus community.
SEVERE severity included remote exploits and worms.
IMPORTANT severity includes virus and local exploits for commonly used services.