The flaws could allow hackers to compromise computers and install malware Adobe Systems has fixed more than 30 vulnerabilities in its Flash Player and Digital Editions products, most of which could be exploited to remotely install malware on computers. The bulk of the flaws, 26, were patched in Flash Player on all supported platforms: Windows, Mac and Linux. Twenty-three of those vulnerabilities can lead to remote code execution and the remaining three can be used for information disclosure or to bypass security features, Adobe said in an advisory. Adobe advises users to update Flash Player version 23.0.0.162 on Windows and Mac or version 11.2.202.635 on Linux. The new version of the Flash Player extended support release, which only receives security patches, is now 18.0.0.375. It’s worth pointing out that Adobe recently decided to update the NPAPI version of the Flash Player plug-in for Linux, which had been frozen at version 11.2 for the past four years. This is the Flash Player plug-in version used on Linux by browsers other than Google Chrome, which uses a newer PPAPI plug-in architecture. While this version of Flash Player has continued to receive security patches over the years, it didn’t benefit from new features. However, last month the company announced that it plans to bring the NPAPI Flash Player plug-in for Linux in sync with the modern release branch, which is currently at version 23. The Flash Player plug-in bundled with Google Chrome will be automatically updated through the browser’s update mechanism and the plug-in bundled with Microsoft Edge and Internet Explorer 11 on Windows 10 and 8.1 will be updated through Windows Update. Adobe also released version 4.5.2 of Adobe Digital Editions for Windows, Mac, iOS and Android. This new version of the company’s eBook reading app fixes eight vulnerabilities, all of which could be exploited to achieve remote code execution. Finally, the company updated its Adobe AIR SDK & Compiler for Windows to version 23.0.0.257. This is a security release that adds support for the secure transmission of runtime analytics for Android AIR applications created with the tool. “Developers are encouraged to recompile captive runtime bundles after applying this update,” the company said in an advisory. Related content news Cisco marries AI and security with cloud-based data center offering Cisco announces AI-based Hypershield, a self-upgrading security fabric that's designed to protect distributed applications, devices and data. By Michael Cooney Apr 18, 2024 5 mins Network Security Data Center how-to Shredding files on Linux with the shred command The shred command is a good option for removing files from a Linux system in a way that makes them virtually impossible to recover. By Sandra Henry-Stocker Apr 18, 2024 4 mins Linux news Intel announces edge AI processors New edge-optimized processors and FPGAs will power AI-enabled devices in vertical industries including retail, industrial and healthcare. By Andy Patrizio Apr 18, 2024 3 mins CPUs and Processors Edge Computing news HPE sues China’s Inspur Group for server patent infringement HPE has accused Inspur of infringing on more than 10,000 active patents, specifically those related to its server technologies, such as general-purpose servers, rack servers, high-density servers, and AI servers. By Sandeep Budki Apr 18, 2024 3 mins Technology Industry Servers PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe