Adobe has released security updates for ColdFusion and Adobe Flash Player for both Windows, Linux and Macintosh. These updates address vulnerabilities that could potentially allow an attacker to bypass IP address access control, perform the Cross-site scripting or Cross-site request and take control of the affected system.
The following updates are available:
- Adobe Flash Player desktop runtime for Windows and Macintosh should update to Adobe Flash Player 126.96.36.199.
- Adobe Flash Player Extended Support Release should update to Adobe Flash Player 188.8.131.52.
- Adobe Flash Player for Linux should update to Adobe Flash Player 184.108.40.2061.
- Adobe Flash Player installed with Google Chrome, Internet Explorer 10 and Internet Explorer 11 will be automatically updated to the current version.
- Adobe AIR desktop runtime should update to version 220.127.116.113.
- Adobe AIR SDK and AIR SDK & Compiler should update to version 18.104.22.1682.
- Adobe AIR for Android should update to Adobe AIR 22.214.171.1243
- Adobe has released security hotfixes for ColdFusion versions 11, 10, 9.0.2, 9.0.1 and 9.0 for all platforms.
Users and administrators are encouraged to review the Adobe Security Bulletins APSB14-22 and APSB14-23 and apply the necessary updates.