Update for Adobe Flash fixes critical vulnerability

Security updates are available for Flash Player, Framemaker, and Experience Manager.

Adobe has discovered a security vulnerability (CVE-2020-9633) in Flash Player up to version Adobe classifies the vulnerability as critical. The vulnerability allows an attacker to inject and execute code. The new version fixes this vulnerability.

Windows Update takes care of updating the Flash Player integrated in Edge and Internet Explorer. Google's Chrome browser gets the update automatically and for Firefox, Safari and Co, at least under Windows and macOS, an Adobe service provides the updates. You can also download and install the Flash Player yourself.

In Framemaker up to version 2019.0.5 there are three security vulnerabilities. Adobe has identified all three vulnerabilities (CVE-2020-9634, -9635, -9636) as critical and has eliminated them in the new version 2019.0.6.

Adobe Experience Manager (AEM), all versions from 6.1 through 6.5, has six vulnerabilities that Adobe identifies as high risk. Four gaps can lead to the execution of any Javascript code in the browser, the other two are data leaks. The only remedy is for AEM 6.4 and 6.5. Support for AEM 6.1 expired at the end of May.

Read more in the current Adobe Security Bulletins.

about author