To all IT Professionals:
The UNL ITS Security Team would like to make you aware of a security update for Adobe Flash that fixes attacks seen in the wild. Below is the link to the full Security Bulletin:
Security updates available for Adobe Flash Player
Release date: May 12, 2016
Vulnerability identifier: APSB16-15
Priority: See table below
CVE number: CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103, CVE-2016-1104, CVE-2016-1105, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4109, CVE-2016-4110, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4116, CVE-2016-4117
Platform: Windows, Macintosh, Linux and ChromeOS
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit for CVE-2016-4117 exists in the wild. Please refer to APSA16-02 for additional details.
Product Affected Versions Platform
Adobe Flash Player Desktop Runtime 126.96.36.199 and earlier
Windows and Macintosh
Adobe Flash Player Extended Support Release 188.8.131.523 and earlier Windows and Macintosh
Adobe Flash Player for Google Chrome 184.108.40.206 and earlier Windows, Macintosh, Linux and ChromeOS
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 220.127.116.11 and earlier Windows 10
Adobe Flash Player for Internet Explorer 11 18.104.22.168 and earlier Windows 8.1
Adobe Flash Player for Linux 22.214.171.1246 and earlier Linux
AIR Desktop Runtime 126.96.36.199 and earlier Windows and Macintosh
AIR SDK 188.8.131.52 and earlier Windows, Macintosh, Android and iOS
AIR SDK & Compiler 184.108.40.206 and earlier Windows, Macintosh, Android and iOS
To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.
To verify the version of Adobe AIR installed on your system, follow the instructions in the Adobe AIR TechNote.
Departments fully managed by ITS will have the updates automatically distributed. Departments using SCCM and/or Casper to manage their own devices should enable the updates for distribution to their users. For more information about how you can take advantage of the Enterprise Desktop Services provided by ITS, please visit http://its.unl.edu/desktop
Don’t hesitate to reach out if you have questions or comments about this notice.
Michael Rutt, CISSP | University of Nebraska – Lincoln | IT Security Coordinator | 402-472-0933 | [log in to unmask]