The flaws could allow hackers to compromise computers and install malware Adobe Systems has fixed more than 30 vulnerabilities in its Flash Player and Digital Editions products, most of which could be exploited to remotely install malware on computers. The bulk of the flaws, 26, were patched in Flash Player on all supported platforms: Windows, Mac and Linux. Twenty-three of those vulnerabilities can lead to remote code execution and the remaining three can be used for information disclosure or to bypass security features, Adobe said in an advisory. Adobe advises users to update Flash Player version 23.0.0.162 on Windows and Mac or version 11.2.202.635 on Linux. The new version of the Flash Player extended support release, which only receives security patches, is now 18.0.0.375. It’s worth pointing out that Adobe recently decided to update the NPAPI version of the Flash Player plug-in for Linux, which had been frozen at version 11.2 for the past four years. This is the Flash Player plug-in version used on Linux by browsers other than Google Chrome, which uses a newer PPAPI plug-in architecture. While this version of Flash Player has continued to receive security patches over the years, it didn’t benefit from new features. However, last month the company announced that it plans to bring the NPAPI Flash Player plug-in for Linux in sync with the modern release branch, which is currently at version 23. The Flash Player plug-in bundled with Google Chrome will be automatically updated through the browser’s update mechanism and the plug-in bundled with Microsoft Edge and Internet Explorer 11 on Windows 10 and 8.1 will be updated through Windows Update. Adobe also released version 4.5.2 of Adobe Digital Editions for Windows, Mac, iOS and Android. This new version of the company’s eBook reading app fixes eight vulnerabilities, all of which could be exploited to achieve remote code execution. Finally, the company updated its Adobe AIR SDK & Compiler for Windows to version 23.0.0.257. This is a security release that adds support for the secure transmission of runtime analytics for Android AIR applications created with the tool. “Developers are encouraged to recompile captive runtime bundles after applying this update,” the company said in an advisory. Related content news Hitachi Vantara launches unified storage platform Virtual Storage Platform One provides on-premises and cloud storage of both structured and unstructured data. By Andy Patrizio Apr 26, 2024 2 mins Enterprise Storage Data Center analysis Extreme demos AI-based network assistant Extreme AI Expert can answer network questions, troubleshoot operations, and create alerts for conditions such as network degradation or Wi-Fi dead spots. By Michael Cooney Apr 25, 2024 4 mins Network Management Software news Cradlepoint unveils 5G SASE platform for mobile, distributed environments NetCloud SASE integrates cellular SD-WAN and security capabilities into a cloud-based platform to secure and mitigate risk across managed and unmanaged devices. By Denise Dubie Apr 24, 2024 3 mins 5G SASE SD-WAN analysis IBM drops $6.4B for HashiCorp and its multicloud automation technology HashiCorp's automation technology will fit into IBM’s Red Hat, watsonx, data security, IT automation and consulting businesses. By Michael Cooney Apr 24, 2024 3 mins Data Center Automation Network Management Software Cloud Computing PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe