Adobe Flash Player 11.1.102.62 security update

The stable version for Adobe Flash Player has been updated to version 11.1.102.62. This update addresses critical vulnerabilities identified in Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and 2.x. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update also resolves a universal cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website.

Adobe recommends users of Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 11.1.102.62. Users of Adobe Flash Player 11.1.112.61 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.6. Users of Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.6 via Android Marketplace.

Affected version:
  • Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris.
  • Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x.
  • Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x/2.x.

What is Adobe Flash Player?
Adobe Flash Player is a cross-platform, browser-based application runtime that provides uncompromised viewing of expressive applications, content, and videos across browsers and operating systems.

Adobe Flash Player 11.1 drives innovation for rich, engaging digital experiences with new features for cross-platform browser-based viewing of expressive rich internet applications, content, and videos across devices. This release contains really great new features, such as Stage 3D, 64-bit operating systems and browsers support, and TLS Secure Sockets Support.

Key benefits
Key benefits of the Adobe Flash Player 11.1 Final include:
  • Stage 3D Accelerated Graphics Rendering - Deliver cutting edge 2D and 3D experiences on the desktop.
  • Native 64-bit support - Support for 64-bit operating systems and browsers on Linux, Mac OS, and Windows.
  • G.711 audio compression for telephony - Integrate real-time voice and telephony capabilities into business apps and integrate with existing phone systems using the G.711 codec.
  • H.264/AVC SW Encoding - Create apps that encode higher quality video locally using the efficient H.264 video standard.
  • Socket Progress Events - Improve management of data transfer, track progress, and provide responsive feedback in apps send large amounts of data.
  • JPEG-XR support - Take advantage of support for the advanced JPEG-XR image compression format to deliver higher quality images with less bandwidth, and leverage lossy and lossless compression with alpha channel transparency.
  • Asynchronous Bitmap Decoding - Improve app responsiveness and deliver smoother animation by decoding images on initial load instead of on demand. Images are cached as needed.
  • TLS Secure Sockets Support - Enables secure communications for client/server applications.
Additional feature details available in the "Adobe Flash Player 11.1 Release Notes."

Adobe Flash Player 11.1

Download Adobe Flash Player 11.1.102.62
To download Adobe Flash Player 11.1.102.62 please visit website listed below:
For details on system requirements, please visit the Adobe Flash Player System requirements web page.

What's new in Adobe Flash Player 11.1.102.62
The following issues were fixed:
  • Resolves a memory corruption vulnerability that could lead to code execution (Windows ActiveX control only) (CVE-2012-0751).
  • Resolves a type confusion memory corruption vulnerability that could lead to code execution (CVE-2012-0752).
  • Resolves an MP4 parsing memory corruption vulnerability that could lead to code execution (CVE-2012-0753).
  • Resolves a memory corruption vulnerability that could lead to code execution (CVE-2012-0754).
  • Resolves a security bypass vulnerability that could lead to code execution (CVE-2012-0755).
  • Resolves a security bypass vulnerability that could lead to code execution (CVE-2012-0756).
  • Resolves a universal cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website (CVE-2012-0767).

Source: Security Bulletin APSB12-03

No comments: