Critical Adobe Flash and Internet Explorer vulnerabilities
April 30, 2014
On April 28, 2014, Adobe released a patch for a critical vulnerability in Flash Player. Microsoft has announced a critical vulnerability in Internet Explorer, but has not yet released a patch for it. Both of these vulnerabilities are being actively exploited in the wild.
WHAT YOU SHOULD DO
FLASH PLAYER: Follow the instructions below to patch Flash Player on your computer.
INTERNET EXPLORER: Because Microsoft has not yet released a patch for this vulnerability, it is recommended that you use a different browser than IE for web browsing. Note: While current known methods to exploit this vulnerability involve Flash Player, the IE vulnerability is a separate problem from the Flash Player vulnerability. IE exploits that do not make use of Flash may be possible.
TO PATCH FLASH PLAYER
If you are running Flash Player version 18.104.22.168 or earlier on a Windows PC, version 22.214.171.124 or earlier on a Mac, or version 126.96.36.1990 or earlier on Linux, you should upgrade. To see which version of Flash you are running, visit:
If you are using the Flash Player that is installed with Google Chrome, or Internet Explorer 10 or 11, your version of Flash on that browser will be updated automatically (though, as mentioned above, you should refrain from using IE until Microsoft relases a patch for the IE problem).
To upgrade Flash if you are not using one of the above browsers, download it from:
Each browser that you use to view Flash content will need to be updated.
Additional information about this vulnerability and how to update Flash Player:
Please contact firstname.lastname@example.org or call the SCS Help Desk (x8-4231) if you have questions or problems with applying these patches. Thank you for your attention,
SCS Help Desk