Adobe has released security updates for Adobe Flash Player to address multiple vulnerabilities. Adobe is aware of reports that an exploit designed to trick a user into opening a Microsoft Word document with malicious Flash (.swf) content exists. These vulnerabilities could cause a crash and potentially allow an attacker to take control of an affected system.
Security updates are available for the following versions:
Adobe Flash Player 11.9.900.152 and earlier versions for Windows and Macintosh
Adobe Flash Player 188.8.131.527 and earlier versions for Linux
Adobe AIR 184.108.40.2060 and earlier versions for Windows and Macintosh
Adobe AIR 220.127.116.110 and earlier versions for Android
Adobe AIR 18.104.22.1680 SDK and earlier versions
Adobe AIR 22.214.171.1240 SDK & Compiler and earlier versions
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB13-28 and follow best practice security policies to determine if their organization is affected and the appropriate response.