Adobe Releases Update for Flash Media Server and Flash Player

(prHWY.com) May 16, 2011 - Albuquerque, NM -- Recently, Adobe released security update for Flash Media Server and Flash Player. The first update resolves critical vulnerabilities, which affect Flash Media Server (FMS) 4.0.1 and prior versions, and FMS 3.5.5 and prior versions for Windows and Linux. The vendor has recommended users to install FMS 4.0.2 and FMS 3.5.6 to prevent exploitation of critical vulnerabilities. The latest update mitigates memory corruption and data corruption issues. The memory corruption issue could allow attackers to execute arbitrary code, whereas data corruption issue could cause denial of service vulnerability.

The second update resolves critical vulnerabilities in Adobe Flash Player, which affect 10.2.159.1 and prior versions for Windows, Macintosh, Linux and Solaris users, Flash Player 10.2.154.28 and prior for Chrome users, and 10.2.157.51 for Linux users. Windows, Macintosh, Linux and Solaris users must upgrade to 10.3.181.14, Chrome users to version 11.0.696.68 of Chrome and Android users to 10.3.185.21. The latest Flash Player mitigates design flow, integer overflow issue, several memory corruption and bounds checking vulnerabilities. The flaws may crash the application and allow attackers to gain control of the compromised computers. The vendor has alerted users of attempts by attackers to exploit the vulnerabilities through malicious .swf file embedded in Microsoft Word and Microsoft Excel. The malicious documents are sent as attachments with cleverly crafted e-mails. Unscrupulous users, who fall prey to the enticing e-mails and open attachments, inadvertently install malware in their computers. The malware could be used to extract, delete or modify information stored in computers. Attackers may use the stolen information to launch phishing attacks, dispatch spam e-mails and extract more sensitive information from Internet users.

Adobe products are popular targets of cybercriminals as they are widely used by Internet users. Attackers may also target employees to compromise an organization's computers and gain access to privileged business information. Hiring professionals qualified in IT degree programs may aid organizations in timely identification and application of necessary security updates to software applications.Online IT courses may help IT professionals to update themselves on latest developments in the field of IT security.

Employees must be trained on safe computing practices through e-learning programs, and encouraged to undertake online IT degree programs to create IT security conscious culture in organizations. Internet users must avoid opening attachments from strangers and unknown sources. Installing latest updates to software applications, and anti-malware solutions may help users in safeguarding their computers from malicious attacks.

Contact Press

EC-Council
Website: http://www.eccuni.us
Email: iclass@eccouncil.org
Tel: 505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

###