Security Alert (A17-02-03): Adobe Flash Player Vulnerabilities in Microsoft Products

Description:

Microsoft has released a security bulletin (MS17-005 Security Update for Adobe Flash Player) fixing multiple vulnerabilities in Adobe Flash Player installing on all supported editions of Microsoft Windows. This security bulletin covers the patch for Adobe Flash Player 24.0.0.221 for Microsoft Edge and Internet Explorer mentioned in our security alert A17-02-02 issued on 15.2.2017.

Affected Systems:

• Internet Explorer 10, 11
• Microsoft Edge

A complete list of the affected products can be found in the section "Affected Software" in the Microsoft security bulletin summary available at:

https://technet.microsoft.com/library/security/ms17-feb

Impact:

A successful exploitation could lead to arbitrary code execution or potentially take control of the affected system.  

Recommendation:

Patches for affected products are available from the Microsoft Update website. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

• Microsoft Update
  http://update.microsoft.com/microsoftupdate

More Information:

https://technet.microsoft.com/library/security/ms17-feb
https://technet.microsoft.com/en-us/library/security/MS17-005
https://www.hkcert.org/my_url/en/alert/17022201
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2984 (to CVE-2017-2988)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2990 (to CVE-2017-2996)
http://helpx.adobe.com/security/products/flash-player/apsb17-04.html