Adobe releases Flash patch, fixes 79 vulnerabilities

Adobe has released its last Flash Player patch of the year, fixing a total of 79 vulnerabilities. This release patches a couple of crucial vulnerabilities which could allow an attacker to take full control of a victim's system.

The huge update list, from CVE-2015-8045 through to CVE-2015-8457 is available on all computer systems and fixes problems including stack overflow vulnerabilities, memory corruption flaws and buffer overflow issues, all of which can lead to remote code execution.

With this update, Internet Explorer (IE) and Chrome for Windows and Mac have reached version 20.0.0.228, while Firefox and Safari’s version is 29.0.0.235.

AIR Desktop Runtime, AIR SDK, AIR SDK & Compiler and AIR for Android are also updated to Flash version 20.0.0.204 for Windows, Macintosh, Android and iOS in the latest release.

Adobe says that the patch will install itself automatically if users have opted for auto-updates. Users who do not have the 'Allow Adobe to install updates' option enabled can install the update via the update feature inside the product. Adobe advises all Flash users to patch as soon as possible, to protect their systems from possible breaches.

Adobe said a number of firms had helped to find the numerous security gaps in the much-maligned Flash software, including Google's Project Zero, Palo Alto Networks and HP's Zero Day Initiative.

Flash has been heavily criticised by the tech industry for being vulnerable, and often used to inject malicious codes into people’s computers. All major browsers have disabled Flash player or have completely blocked it.