Published on: 12 July 2017
Security updates are released for Adobe Flash Player to address multiple vulnerabilities caused by memory corruption and security bypass. To successfully exploit the vulnerabilities, a remote attacker could entice a targeted user to open a specially crafted Flash file, web page or document that supports embedded Flash content.
A successful exploitation could lead to memory address disclosure, information disclosure, arbitrary code execution or potentially take control of the affected system.
Upgrade Adobe Flash Player to the following versions to address the issues. The upgrade can be obtained by using the auto-update mechanism or by downloading at the following URLs:
If you have multiple browsers, you are required to perform the Adobe Flash Player upgrade for each browser, the Flash Player version can be checked at
http://get.adobe.com/flashplayer/about/
https://helpx.adobe.com/security/products/flash-player/apsb17-21.html
https://support.microsoft.com/zh-hk/help/4025376/security-update-for-adobe-flash-player-april-11-2017
https://www.hkcert.org/my_url/en/alert/17071202
https://www.us-cert.gov/ncas/current-activity/2017/07/11/Adobe-Releases-Security-Updates
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3100