Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Alert

Security Advisory for Adobe Flash Player (APSA16-01)

Apr 5, 2016 7:27PM PDT
Release date: April 5, 2016

Vulnerability identifier: APSB16-01

CVE number: CVE-2016-1019

Platform: Windows, Macintosh, Linux and Chrome OS

Summary:
A critical vulnerability (CVE-2016-1019) exists in Adobe Flash Player 21.0.0.197 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 7 and Windows XP with Flash Player version 20.0.0.306 and earlier. A mitigation introduced in Flash Player 21.0.0.182 currently prevents exploitation of this vulnerability, protecting users running Flash Player 21.0.0.182 and later.

Adobe is planning to provide a security update to address this vulnerability as early as April 7.

Mitigations, and Severity Ratings included in the Advisory :
https://helpx.adobe.com/security/products/flash-player/apsa16-01.html

Discussion is locked