Users can download the latest version of Flash Player from the official website or update it through their browser settings. Users who use Windows 8.x/10 Internet Explorer or Microsoft Edge will receive updates through Microsoft Windows Update. Users who use Google Chrome or Microsoft Windows 8 and 10 for Microsoft Edge and Internet Explorer do not need to uninstall Flash Player, as it is provided by these browsers.
Flash Player 32.0.0.303 fixes several bugs that affect the functionality and security of the software. Some of the fixed issues are:
A memory corruption vulnerability that could lead to arbitrary code execution (CVE-2020-15969)
A use-after-free vulnerability that could lead to arbitrary code execution (CVE-2020-15970)
A security bypass vulnerability that could lead to information disclosure (CVE-2020-15971)
A heap buffer overflow vulnerability that could lead to arbitrary code execution (CVE-2020-15972)
An out-of-bounds read vulnerability that could lead to information disclosure (CVE-2020-15973)
An integer overflow vulnerability that could lead to arbitrary code execution (CVE-2020-15974)
An out-of-bounds write vulnerability that could lead to arbitrary code execution (CVE-2020-15975)
An out-of-bounds read vulnerability that could lead to information disclosure (CVE-2020-15976)
An out-of-bounds write vulnerability that could lead to arbitrary code execution (CVE-2020-15977)
An out-of-bounds read vulnerability that could lead to information disclosure (CVE-2020-15978)
An out-of-bounds write vulnerability that could lead to arbitrary code execution (CVE-2020-15979)
An out-of-bounds read vulnerability that could lead to information disclosure (CVE-2020-15980)
Adobe thanks the following individuals and organizations for reporting these issues and for working with Adobe to help protect our customers:
Mat Powell of Trend Micro Zero Day Initiative
Francis Provencher of Trend Micro Zero Day Initiative
wushi of Tencent Security Xuanwu Lab
Yuki Chen of Qihoo 360 Vulcan Team
Anonymous working with Trend Micro Zero Day Initiative
[1]: Release Notes Flash Player 32 AIR 32 - Adobe Inc. [2]: https://get.adobe.com/flashplayer/ [3]: Security Bulletin APSB20-58 - Adobe Inc. [4]: https://www.zerodayinitiative.com/ [5]: https://xlab.tencent.com/en/ [6]: https://vulcan.team/
a104e7fe7e