On Wednesday, July 8, 2015, Adobe issued updates for Adobe Flash Player to fix multiple security vulnerabilities that allow an attacker to take control of an affected system. Some of these vulnerabilities are already being exploited in the wild. Information Systems & Computing (ISC) strongly recommends that all users of Adobe Flash Player on both Windows and OS X systems update to version 18.0.0.203 or above as soon as possible. The update can be obtained by using either Adobe’s automatic update or downloading the update installer directly (see below).
Notes
Users in managed environments such a IBM Endpoint Manager can expect to be patched for this vulnerability shortly.
For users in unmanaged environments, ISC suggests configuring the software to use Adobe's automatic update for Flash Player. Available for both Windows and OS X, this update check can be configured to either alert the user to the availability of an update or to automatically install any available Flash Player update. These settings can be found in these locations:
* Windows: click Start > Settings > Control Panel > Flash Player
* OS X: System Preferences > Flash Player (note: under “Other")
Google Chrome (Windows and OS X) and Internet Explorer 10/11 (Windows 8.x only) manage and update their Flash Player instances from within the browser. Windows 7 users of Internet Explorer 10/11 must download and install the plug-in for Flash Player. All web browsers should be restarted following the update.
References
Adobe's security bulletin regarding these vulnerabilities is located here:
https://helpx.adobe.com/security/products/flash-player/apsb15-16.html
The direct download link for all versions of Adobe Flash Player is located here:
http://get.adobe.com/flashplayer/otherversions/
Penn's Supported Products page for Adobe Flash Player has related information at:
https://secure.www.upenn.edu/computing/resources/category/applications/article/adobe-flash-player