1 min read

Adobe Fixes Highly Critical Vulnerability in Flash Player

Lucian Ciolacu

November 26, 2014

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Adobe Fixes Highly Critical Vulnerability in Flash Player

Adobe has issued a fix for critical vulnerability (CVE-2014-8439) found in Adobe Flash Player software, according to Adobe’s APSB14-26 security bulletin. The vulnerability affects all Adobe Flash Player and Adobe AIR versions on Windows, Macintosh and Linux.

“Adobe Flash Player before and 14.x and 15.x before on Windows and OS X and before on Linux, Adobe AIR before, Adobe AIR SDK before, and Adobe AIR SDK & Compiler before allow attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors,” the overview from National Vulnerability Database stated.


The ad-hoc security bulletin received a priority rating of 2, which means the “update resolves vulnerabilities in a product that has historically been at elevated risk” and so far there are no exploits in the wild.

Also, the vulnerability is rated as critical, meaning that “if exploited would allow malicious native-code to execute, potentially without a user being aware.”

A lower priority rating has been given to the Linux Flash Player version that has not been targeted by attackers until now.

Adobe Flash Player plug-in updates for Google Chrome and Internet Explorer are automatic. Users are also advised to check if the auto update feature from the desktop Flash Player version is turned on.



Lucian Ciolacu

Still the youngest Bitdefender News writer, Lucian is constantly after flash news in the security industry, especially when something is vulnerable or exploited.

View all posts

You might also like