Adobe has released updates for Adobe Flash Player. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
The IT Security Office advises that users update.
Adobe Flash Player 11.5.502.135 and earlier versions for Windows
Adobe Flash Player 11.5.502.136 and earlier versions for Macintosh
Adobe Flash Player 22.214.171.1248 and earlier versions for Linux
Adobe Flash Player 126.96.36.199 and earlier versions for Android 4.x
Adobe Flash Player 188.8.131.52 and earlier versions for Android 3.x and 2.x
Adobe AIR 184.108.40.2060 and earlier versions for Windows, Adobe AIR 220.127.116.110 and earlier versions for Macintosh and Adobe AIR 18.104.22.1680 for Android
Adobe AIR 22.214.171.1240 SDK and Adobe AIR 126.96.36.1990 SDK
Adobe Reader XI (11.0.0) for Windows and Macintosh
Adobe Reader X (10.1.4) and earlier 10.x versions for Windows and Macintosh
Adobe Reader 9.5.2 and earlier 9.x versions for Windows and Macintosh
Adobe Reader 9.5.1 and earlier 9.x versions for Linux
Adobe Acrobat XI (11.0.0) for Windows and Macintosh
Adobe Acrobat X (10.1.4) and earlier 10.x versions for Windows and Macintosh
Adobe Acrobat 9.5.2 and earlier 9.x versions for Windows and Macintosh
Security bulletin names:
APSB13-01 Security updates available for Adobe Flash Player
APSB13-02 Security updates for Adobe Reader and Acrobat
Released: January 8, 2013
Additional information about this vulnerability can be viewed at:
If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) or email@example.com. Email and phone help is available Mondays through Thursdays, 7:00 a.m. to 10:00 p.m.; Fridays 7:00 a.m. to 7:00 p.m.; and Saturdays and Sundays, noon to 6:00 p.m.
OIT has defined the following categories to describe the severity of security risks:
URGENT severity represents a broad threat to the entire campus community.
SEVERE severity included remote exploits and worms.
IMPORTANT severity includes virus and local exploits for commonly used services.