Skip to main content

Adobe releases Flash patch, fixes 79 vulnerabilities

Adobe has released its last Flash Player patch of the year, fixing a total of 79 vulnerabilities. This release patches a couple of crucial vulnerabilities which could allow an attacker to take full control of a victim's system.

The huge update list (opens in new tab), from CVE-2015-8045 through to CVE-2015-8457 is available on all computer systems and fixes problems including stack overflow vulnerabilities, memory corruption flaws and buffer overflow issues, all of which can lead to remote code execution.

With this update, Internet Explorer (IE) and Chrome for Windows and Mac have reached version 20.0.0.228, while Firefox and Safari’s version is 29.0.0.235.

AIR Desktop Runtime, AIR SDK, AIR SDK & Compiler and AIR for Android are also updated to Flash version 20.0.0.204 for Windows, Macintosh, Android and iOS in the latest release.

Adobe says that the patch will install itself automatically if users have opted for auto-updates. Users who do not have the 'Allow Adobe to install updates' option enabled can install the update via the update feature inside the product. Adobe advises all Flash users to patch as soon as possible, to protect their systems from possible breaches.

Adobe said a number of firms had helped to find the numerous security gaps in the much-maligned Flash software, including Google's Project Zero, Palo Alto Networks and HP's Zero Day Initiative.

Flash has been heavily criticised by the tech industry for being vulnerable, and often used to inject malicious codes into people’s computers. All major browsers have disabled Flash player or have completely blocked it.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.