Print

Print


To all IT Professionals:

 

The UNL ITS Security Team would like to make you aware of a security update for Adobe Flash that fixes attacks seen in the wild.   Below is the link to the full Security Bulletin:

 

hxxps://helpx.adobe.com/security/products/flash-player/apsb16-15.html

 

 

Security updates available for Adobe Flash Player

 

Release date: May 12, 2016

 

Vulnerability identifier: APSB16-15

 

Priority: See table below

 

CVE number: CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103, CVE-2016-1104, CVE-2016-1105, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4109, CVE-2016-4110, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4116, CVE-2016-4117

 

Platform: Windows, Macintosh, Linux and ChromeOS

Summary

 

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.  Adobe is aware of a report that an exploit for CVE-2016-4117 exists in the wild. Please refer to APSA16-02 for additional details.

Affected Versions

Product                Affected Versions            Platform

Adobe Flash Player Desktop Runtime      21.0.0.226 and earlier

                Windows and Macintosh

Adobe Flash Player Extended Support Release    18.0.0.343 and earlier    Windows and Macintosh

Adobe Flash Player for Google Chrome   21.0.0.216 and earlier    Windows, Macintosh, Linux and ChromeOS

Adobe Flash Player for Microsoft Edge and Internet Explorer 11 21.0.0.213 and earlier    Windows 10

Adobe Flash Player for Internet Explorer 11          21.0.0.213 and earlier    Windows 8.1

Adobe Flash Player for Linux        11.2.202.616 and earlier               Linux

AIR Desktop Runtime      21.0.0.198 and earlier    Windows and Macintosh

AIR SDK                21.0.0.198 and earlier    Windows, Macintosh, Android and iOS

AIR SDK & Compiler         21.0.0.198 and earlier    Windows, Macintosh, Android and iOS

 

    To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system. 

    To verify the version of Adobe AIR installed on your system, follow the instructions in the Adobe AIR TechNote.

 

Departments fully managed by ITS will have the updates automatically distributed.  Departments using SCCM and/or Casper to manage their own devices should enable the updates for distribution to their users.  For more information about how you can take advantage of the Enterprise Desktop Services provided by ITS, please visit http://its.unl.edu/desktop

 

 

Don’t hesitate to reach out if you have questions or comments about this notice.

 

Mike

 

 

 

Michael Rutt, CISSP | University of Nebraska – Lincoln | IT Security Coordinator | 402-472-0933 | [log in to unmask]