Release date: December 28, 2015
Last updated: June 23, 2016
Vulnerability identifier: APSB16-01
Priority: See table below
CVE number: CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651, CVE-2016-0959
Platform: All Platforms
Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
Adobe is aware of a report that an exploit for CVE-2015-8651 is being used in limited, targeted attacks.
Product | Affected Versions | Platform |
---|---|---|
Adobe Flash Player Desktop Runtime | 20.0.0.235 and earlier |
Windows and Macintosh |
Adobe Flash Player Extended Support Release | 18.0.0.268 and earlier | Windows and Macintosh |
Adobe Flash Player for Google Chrome | 20.0.0.228 and earlier | Windows, Macintosh, Linux and ChromeOS |
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 | 20.0.0.228 and earlier | Windows 10 |
Adobe Flash Player for Internet Explorer 10 and 11 | 20.0.0.228 and earlier | Windows 8.0 and 8.1 |
Adobe Flash Player for Linux | 11.2.202.554 and earlier | Linux |
AIR Desktop Runtime | 20.0.0.204 and earlier | Windows and Macintosh |
AIR SDK | 20.0.0.204 and earlier | Windows, Macintosh, Android and iOS |
AIR SDK & Compiler | 20.0.0.204 and earlier | Windows, Macintosh, Android and iOS |
AIR for Android | 20.0.0.204 and earlier | Android |
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Product | Updated Versions | Platform | Availability | |
---|---|---|---|---|
Adobe Flash Player Desktop Runtime |
20.0.0.267 | Windows and Macintosh |
1 | |
Adobe Flash Player Extended Support Release | 18.0.0.324 | Windows and Macintosh |
1 | Extended Support |
Adobe Flash Player for Google Chrome | 20.0.0.267 | Windows, Macintosh, Linux and ChromeOS | 1 | Google Chrome Releases |
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 | 20.0.0.267 | Windows 10 | 1 | Microsoft Security Advisory |
Adobe Flash Player for Internet Explorer 10 and 11 | 20.0.0.267 | Windows 8.0 and 8.1 |
1 | Microsoft Security Advisory |
Adobe Flash Player for Linux | 11.2.202.559 | Linux | 3 | Flash Player Download Center |
AIR Desktop Runtime | 20.0.0.233 | Windows and Macintosh | 3 | AIR Download Center |
AIR SDK | 20.0.0.233 | Windows, Macintosh, Android and iOS | 3 | AIR SDK Download |
AIR SDK & Compiler | 20.0.0.233 | Windows, Macintosh, Android and iOS | 3 | AIR SDK Download |
AIR for Android | 20.0.0.233 | Android | 3 | Google Play |
December 29, 2015: Removed the acknowledgment for CVE-2015-8651.
June 23, 2016: Added reference for CVE-2016-0959, which was resolved in these updates but inadvertently omitted from the original version of the bulletin.
Sign in to your account