Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 29.0.0.140 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Adobe Flash Player Update to version 29.0.0.140

Please update your Flash 27.0 r0 as is insecure Flash Player Version: 29.0.0.140 Current Version 1: Select Operating SystemStep 2: Select A Version (Firefox, . . . .)Note: Other software is offered in the download.

As of version 11.3 Adobe has two different MSI packages available for download. One MSI (full_flashplayer_win_msi) is targeted for Internet Explorer users. The another (full_flashplayer_win_pl_msi) is targeted for Pluged-in based browsers like Firefox. These can be downloaded from the Adobe Flash Player download page here or by using these links:

One worth underlining is a critical fix for Flash Player (CVE-2018-4944) affecting all platforms including Windows 10 (Edge) and 8.1 and Server 2012/R2 (IE). The vulnerable version is 29.0.0.140, which requires an update to 29.0.0.171.

QID Detection Logic:Operating Systems: Windows 8.1, Windows RT 8.1, Windows10, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 This authenticated QID checks for the file version of %windir%\System32\Macromed\Flash\Flash.ocx for file versions lesser than 29.0.0.140.KB Articles associated with this update are: ADV180007ConsequenceSuccessful exploitation allows an attacker to execute code remotely and bypass security restrictions to gain access to sensitive information.SolutionCustomers are advised to follow KB4093110 for instructions pertaining to the remediation of these vulnerabilities.Patches:The following are links for downloading patches to fix these vulnerabilities:KB4093110 2ff7e9595c