Adobe issues security updates for Flash, Shockwave, Photoshop and RoboHelp

Adobe has issued fixes for vulnerabilities in Flash, Shockwave, Photoshop, RoboHelp and Flash Media Server in the latest security update.

Adobe has issued fixes for vulnerabilities in Flash, Shockwave, Photoshop, RoboHelp and Flash Media Server in the latest security update.

The vulnerabilities in Flash, Shockwave, Photoshop and Flash Media Server are critical and IT administrators should apply the patches as soon as possible, IT security professionals say.

Adobe says most of the attacks it is seeing exploit software installations that are not up-to-date on the latest security updates.

"Adobe therefore strongly recommends that users follow security best practices by installing the latest security updates as the best possible defence against those with malicious intent," the company said.

The update for Adobe Shockwave Player fixes vulnerabilities in version 11.6.0.626 and earlier versions for Windows and Macintosh.

These vulnerabilities could allow an attacker to run malicious code on the affected system, but Adobe is not aware of any exploits in the wild for any of the issues addressed in this update, the company said.

The update for Adobe Flash Media Server fixes a vulnerability in versions 4.0.2, 3.5.6 and earlier versions for Windows and Linux.

This vulnerability could allow an attacker to cause a denial-of-service (DoS) on the affected system, but Adobe is not aware of any exploits in the wild of the issue addressed in this update, the company said.

The update for Adobe Flash Player fixes vulnerabilities in version 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, version 10.3.185.25 and earlier versions for Android, and Adobe AIR 2.7 and earlier versions for Windows, Macintosh and Android.

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system, but Adobe is not aware of any exploits in the wild for any of the issues addressed in this update, the company said.

The update for Adobe Photoshop CS5 and CS5.1 fixes a vulnerability in versions 12.0, 12.1 and earlier versions for Windows and Macintosh.

This vulnerability could allow an attacker to take control of the affected system. To exploit this vulnerability, an attacker would have to convince a user to open a malicious .GIF file in Photoshop CS5 and Adobe is not aware of any exploits in the wild for the issue addressed in this update, the company said.

The update for Adobe RoboHelp fixes vulnerabilities in RoboHelp 9 (versions 9.0.1.232 and earlier), RoboHelp 8, RoboHelp Server 9 and RoboHelp Server 8 for Windows.

RoboHelp 9 version 9.0.1.262, is not vulnerable to this issue, Adobe said.

A specially crafted URL could be used to create a cross-site scripting attack on RoboHelp installations, but Adobe is not aware of any exploits in the wild for the issue addressed in this update, the company said.

Read more on IT risk management