On Tuesday, May 12, Adobe released critical patches for Flash Player, Reader, Acrobat and Air, which fix a total of 52 vulnerabilities in the software on Windows, Mac and Linux operating systems. The updates are considered critical as the patched vulnerabilities could potentially allow attackers to take control of the affected system. 

If you are the owner of a Windows, Mac, Linux machine, it is strongly recommended you download and install the fix, updating to the latest Adobe Flash Player 17.0.0.188, Adobe Reader and Acrobat versions 11.0.11 and Adobe AIR SDK & Compiler versions 17.0.0.172 (for instructions on how to download and install the latest Adobe Flash Player, Acrobat and Reader updates, scroll to the bottom of the article.)

Who Needs To Update?

All users on Windows Mac or Linux running the following software should update:

Adobe Flash Player 17.0.0.169 and earlier

AIR Desktop Runtime 17.0.0.144 and earlier

AIR SDK and SDK & Compiler 17.0.0.144 and earlier

Adobe Reader XI (11.0.10) and earlier

Adobe Reader X (10.1.13) and earlier

Adobe Acrobat XI (11.0.10) and earlier

Adobe Acrobat X (10.1.13) and earlier

If you are running any of this software you should definitely update. If you are unsure, directions for checking your version and updating are below. 

What Kinds Of Updates Are These? Are They Necessary?

The updates issued are critical in nature as the vulnerabilities could allow for remote code execution, meaning attackers can execute malicious code without users ever knowing. The updates deal with issues related to memory corruption, heap overflow problems, integer overflow, type confusion problems and use-after-free vulnerabilities.

For more in depth information on the kinds of issues addressed with the updates, iDigitalTimes reached out to Chris Goettl, product manager with Shavlik, who shared these insights:

“For Acrobat and Acrobat Reader there are 34 vulnerabilities being resolved and these are rated as Priority 1 updates. The vulnerabilities range from buffer overflows, which could lead to code execution, to null-pointer dereference, which could lead to DoS. Fourteen of these vulnerabilities are able to bypass restrictions on Javascript API execution. These updates, especially Acrobat Reader, should be on your priority list this month.

"Adobe Flash resolves 18 vulnerabilities and is also rated as a Priority 1 update," Goettl continued. "Thirteen of the 18 CVEs resolved have a CVSS base score of 9.3. There are multiple code execution vulnerabilities being resolved, one of which allows an attacker to bypass Protected Mode in Internet Explorer. With Flash updates you could have up to four updates to be deployed to resolve all of these vulnerabilities. Flash Player itself, Google Chrome (also released today), an update for Flash for FireFox, and a Security Advisory from Microsoft for Flash for IE. Flash Player should be on your priority list this month.”

How Do I Update Adobe Flash, Player And Acrobat?

Download Adobe Flash Player, Reader Acrobat Critical Update: How To Install Fix For Windows, Mac And Linux [HOW-TO GUIDE] Updating your Adobe Flash Player, Reader, Acrobat or Air software is easy and important. Visiting the official site makes the process simple. Adobe

For most, updating Adobe products is fairly simple. The company actually recommends users accept automatic updates for the Adobe Flash Player desktop runtime for Windows and Mac when prompted. However if you are concerned you won’t be able to tell the difference between a legitimate update prompt and a possible malware attack, then a manual update option is also available.

Install Adobe Flash Player, Reader, Acrobat And Air Update [Windows/Mac/Linux Links]

If you are a PC user with either a Windows, Mac or Linux computer and use the browsers Chrome or IE10 and above, your flash player will be automatically update through the browser itself. However, for all other browsers (i.e. Safari, Mozilla Firefox etc.) manual updates may be required. Please read the tutorial below for how to download and install the latest Adobe Flash Player and Adobe Air updates.

Depending on which system you are running, here are the Adobe Flash and Air updates you will download and install:

Adobe Flash Player Update Links

  • Windows and Macintosh Users with Adobe Flash Player should update to Adobe Flash Player 17.0.0.188 by visiting the Adobe Flash Player Download Center.
  • For Linux users running Adobe Flash Player, they should update to Adobe Flash Player 11.2.202.460 by visiting the Adobe Flash Player Download Center
  • Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 17.0.0.188.
  • Adobe Flash Player installed with Internet Explorer for Windows 8.x will be automatically updated to the latest version, which will include Adobe Flash Player 17.0.0.188. 
  • Microsoft Windows 8 and Windows RT users will receive updates for the Flash Player embedded in their Modern UI Internet Explorer (IE) 10 and 11 through Microsoft Windows Update.

Adobe Reader Update Links

Adobe Air Update Links

  • Users running Adobe AIR desktop or Adobe AIR SDK & Compiler should update to version 17.0.0.172 by visiting the Adobe AIR Download Center.