This is rated "critical" as it is being exploited in the wild and allows an attacker to completely take over your computer. Everything is vulnerable - Windows (Edge and Internet Explorer), Mac, ChromeOS, and Linux. Strangely, the listed for "Priority" for Linux is lower than for the others, although there's no explanation why. My recommendation to those of y'all on Linux is to upgrade.
Patch is available here.
It may just be better to remove Flash (uninstall it). Most of the major Internet video sites such as Youtube do not use it, and Flash is a sewer of security fail. Uninstalling it will prevent you from having to install the next critical emergency patch.
23.0.0.205 has been out for Linux for a while now. Link on how to do it properly for those of us using Chromium:
ReplyDeletehttp://askubuntu.com/questions/799832/how-to-install-tar-gz-files-which-dont-have-config-file/799845
The "flash from terminal" does not seem to work with Chromium. Not sure about other browsers. I ditched Firefox and all things Mozilla when they fired that manager for donating to the traditional marriage campaign in Kalifornia.
Don't bother following the link for IE/Edge on Windows 10. You'll just wind up on a page that tells you Flash is built into the browser and will be automatically updated. Maybe eventually, but the latest Windows 10 insider preview (14959, which I just installed this evening) is out of date (version 185, whereas the fixed version is 205).
ReplyDeleteUse this link, and find the appropriate update for your situation:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=adobe%20flash
Odd that following the link I get a warning that it tried to start my outdated flash player. :-)
ReplyDeleteThanks.Uninstalled it.
ReplyDeleteThanks for the heads up. The only warning I would give is to look very carefully at the crapware it wants to install by default. Be sure to uncheck both boxes.
ReplyDelete