Potential vulnerabilities have been identified in Adobe Flash Player 220.127.116.11 and earlier that could allow an attacker who successfully exploits these potential vulnerabilities to bypass Flash Player security controls.
This update addresses a potential “Clickjacking’ issue in Flash Player. Clickjacking is an issue in multiple web browsers that could allow an attacker to lure a web browser user into unknowingly clicking on a link or dialog. This update helps prevent a Clickjacking attack on a Flash Player user’s camera and microphone.
This update includes further changes to enhance Flash Player’s interpretation of cross-domain policy files. These changes could help prevent privilege escalation attacks against web servers hosting Flash content and cross-domain policy files.
The affected version is Adobe Flash Player 18.104.22.168 and earlier.