http://threatpost.com/adobe-patches-hos ... yer/108164
Adobe today released an updated Flash Player that patched a dozen vulnerabilities, and also announced that a scheduled security update for Reader and Acrobat has been postponed to Sept. 15.
Today’s release, which coincides with Microsoft’s monthly scheduled security updates, patches numerous remotely exploitable vulnerabilities in Flash Player for Windows, Macintosh and Linux operating systems.
Adobe has given its highest criticality rating for Flash Player 14 running on Windows, Mac, Linux and Internet Explorer 10 for Windows 8. Flash Player 11 for Linux and Adobe Air for all platforms were given a lower criticality rating and administrators can update at their discretion, Adobe said.
The critical bugs enabling remote code execution exploit for the most part memory issues, including a memory leakage issue that could allow an attacker to bypass address space layout randomization (ASLR). Another six CVEs address memory corruption vulnerabilities that lead to code execution, as well as a use-after-free vulnerability, security-bypass vulnerability, a heap buffer overflow and another bug that allows a hacker to bypass the same origin policy.