Adobe Flash now with automatic updating

by Andy on April 3rd, 2012 in Security Tips.

The latest Flash update patches two security vulnerabilities - the first (CVE-2012-0772),  resolves a memory corruption vulnerability related to URL security domain checking that could lead to code execution on Windows 7 or Vista. The second (CVE-2012-0773) fixes a memory corruption vulnerability in the NetStream class that could lead to code execution.

TLDR; vulnerable Flash player, exploits patched.

However, this time around, Adobe have introduced an automatic updating mechanism for Flash Player. Flash has long been a popular target for malicious exploits and making sure you have the latest version has been until now, something you can easily neglect doing.

From this release, all you need to keep Flash Player up to date is... nothing. No more daily checking the Adobe Security bulletins and advisories page (which we all do, right? Oh, just me then.). Like Google Chrome, Flash player will now automatically pull down the latest updates and apply them for you.

Visit http://get.adobe.com/flashplayer to download the latest Flash Player. An additional dialog box is displayed during installation which prompts you to select your preferred update method. I highly recommend that you select the default option to install updates automatically when available.