Zscaler Security Advisories

Security Advisory - November 08, 2016

Zscaler protects against 9 new vulnerabilities for Adobe Flash Player

Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 9 vulnerabilities included in the November 2016 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections as necessary.

APSB16-37 – Security updates available for Adobe Flash Player

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. 

Severity: Critical 
Affected Software

  • Adobe Flash Player Desktop Runtime 23.0.0.205 and earlier
  • Adobe Flash Player for Google Chrome 23.0.0.205 and earlier
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 23.0.0.205 and earlier
  • Adobe Flash Player for Linux 11.2.202.643 and earlier

CVE-2016-7857 – Flash Player Use After Free Vulnerability
CVE-2016-7858 – Flash Player Use After Free Vulnerability
CVE-2016-7859 – Flash Player Use After Free Vulnerability
CVE-2016-7860 – Flash Player Type Confusion Vulnerability
CVE-2016-7861 – Flash Player Type Confusion Vulnerability
CVE-2016-7862 – Flash Player Use After Free Vulnerability
CVE-2016-7863 – Flash Player Use After Free Vulnerability
CVE-2016-7864 – Flash Player Use After Free Vulnerability
CVE-2016-7865 – Flash Player Type Confusion Vulnerability