Security Advisory - September 14, 2016
Zscaler protects against 10 new vulnerabilities for Adobe Flash Player.
Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 10 vulnerabilities included in the September 2016 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections as necessary.
APSB16-29 – Security updates available for Adobe Flash Player
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
Severity: Critical
Affected Software
- Adobe Flash Player Desktop Runtime 22.0.0.211 and earlier
- Adobe Flash Player Extended Support Release 18.0.0.366 and earlier
- Adobe Flash Player for Google Chrome 22.0.0.211 and earlier
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11 22.0.0.211 and earlier
- Adobe Flash Player for Linux 11.2.202.632 and earlier
CVE-2016-4271 – Flash Player Security Bypass Vulnerability
CVE-2016-4272 – Flash Player Use After Free Vulnerability
CVE-2016-4274 – Flash Player Memory Corruption Vulnerability
CVE-2016-4276 – Flash Player Memory Corruption Vulnerability
CVE-2016-4279 – Flash Player Use After Free Vulnerability
CVE-2016-4280 – Flash Player Type Confusion Vulnerability
CVE-2016-4281 – Flash Player Memory Corruption Vulnerability
CVE-2016-4282 – Flash Player Memory Corruption Vulnerability
CVE-2016-4283 – Flash Player Memory Corruption Vulnerability
CVE-2016-4284 – Flash Player Memory Corruption Vulnerability