Adobe released today an update APSB12-17 for its Flash player. The update addresses two vulnerabilities in the supported versions 10 and 11.
The update applies to all operating systems, Windows, Mac OS X, Linux and Solaris and is rated “priority 2”, meaning Adobe is not aware of an exploit code in the wild and suggests installation within the next 30 days.
The most interesting addition to this version of Flash is that Adobe included an automatic update feature. If the user opts-in (the default, see picture below) the player will in the future silently update all (this is new!) browsers on the system to the most current version of Flash.
We highly recommend to opt-in; running on the latest version of Flash adds considerable resilience to one’s setup, plus it avoids the chore of updating all of your installed browsers by hand.
Adobe explains in a blogpost the technical details of the “background updater”, which at the moment is implemented only for the Windows operating system family.
Author: Wolfgang Kandek, CTO, Qualys.