Global leaders are coming to Zenith Live. Are you? Learn More
Global leaders are coming to Zenith Live. Are you?
Learn More

 

Security Advisory - March 11, 2016

Zscaler Protects against Multiple Security Vulnerabilities in Adobe Flash Player and Acrobat Reader

 

 

Zscaler, working with Microsoft through their MAPP program, has deployed protections for the following 17 vulnerabilities included in the March 2016 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections as necessary.

APSB15-32Security updates available for Flash Player

Severity: Critical
Affected Software

  • Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier
  • Adobe Flash Player Extended Support Release 18.0.0.261 and earlier
  • Adobe Flash Player for Google Chrome 19.0.0.245 and earlier
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 19.0.0.245 and earlier
  • Adobe Flash Player for Internet Explorer 10 and 11 19.0.0.245 and earlier
  • Adobe Flash Player for Linux 11.2.202.548 and earlier
  • AIR Desktop Runtime 19.0.0.241 and earlier
  • AIR SDK 19.0.0.241 and earlier
  • AIR SDK & Compiler 19.0.0.241 and earlier
  • AIR for Android 19.0.0.241 and earlier

CVE-2015-8655 – Flash Player Use-After-Free Vulnerability

Description: Adobe has released security updates for Adobe Flash Player.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

APSB16-08Security updates available for Flash Player

Severity: Critical
Affected Software

  • Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier
  • Adobe Flash Player Extended Support Release 18.0.0.329 and earlier
  • Adobe Flash Player for Google Chrome 20.0.0.306 and earlier
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier
  • Adobe Flash Player for Internet Explorer 11 20.0.0.306 and earlier
  • Adobe Flash Player for Linux 11.2.202.569 and earlier
  • AIR Desktop Runtime 20.0.0.260 and earlier
  • AIR SDK 20.0.0.260 and earlier
  • AIR SDK & Compiler 20.0.0.260 and earlier
  • AIR for Android 20.0.0.233 and earlier

CVE-2016-0961 – Flash Player Memory Corruption Vulnerability

CVE-2016-0962 – Flash Player Memory Corruption Vulnerability

CVE-2016-0963– Flash Player Integer Overflow Vulnerability

CVE-2016-0986 – Flash Player Memory Corruption Vulnerability

CVE-2016-0987 – Flash Player Use-After-Free Vulnerability

CVE-2016-0988 – Flash Player Use-After-Free Vulnerability

CVE-2016-0989 – Flash Player Memory Corruption Vulnerability

CVE-2016-0990 – Flash Player Use-After-Free Vulnerability

CVE-2016-0991 – Flash Player Use-After-Free Vulnerability

CVE-2016-0993 – Flash Player Integer Overflow Vulnerability

CVE-2016-0994 – Flash Player Use-After-Free Vulnerability

CVE-2016-0995 – Flash Player Use-After-Free Vulnerability

CVE-2016-0996 – Flash Player Use-After-Free Vulnerability

CVE-2016-1001 – Flash Player Heap Overflow Vulnerability

CVE-2016-1010 – Flash Player Integer Overflow Vulnerability

Description: Adobe has released security updates for Adobe Flash Player.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

APSB16-09Security updates available for Acrobat Reader

Severity: Critical
Affected Software

  • Acrobat DC Continuous 15.010.20059 and earlier 
  • Acrobat Reader DC Continuous 15.010.20059 and earlier  
  • Acrobat DC Classic 15.006.30119 and earlier 
  • Acrobat Reader DC Classic 15.006.30119 and earlier  
  • Acrobat XI Desktop 11.0.14 and earlier 
  • Reader XI Desktop 11.0.14 and earlier 

CVE-2016-1007 – Acrobat Reader Memory Corruption Vulnerability

Description: Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.