March 14, 2006
Summary: Critical vulnerabilities have been identified in Flash Player that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform.
Solution: Adobe recommends all Flash Player 220.127.116.11 and earlier users upgrade to the new version 18.104.22.168, which can be downloaded from the Player Download Center. For customers that cannot upgrade to Flash Player 8, please refer to the Flash Player 7 update TechNote.
Adobe provides a free license for redistributing Flash Player on company intranets, or with software product or services. For more information and to apply for a license, use the online application.
If you are unable to follow Adobe’s guidance or cannot move to a more recent version of Flash Player, please contact the Adobe Security Team at PSIRT@adobe.com for guidance around this update.
Adobe recommends Breeze customers upgrade to Breeze Meeting Add-In version 5.1, which can be downloaded via the following links:
Shockwave Player includes the Flash Asset Xtra. Adobe recommends Shockwave Player customers upgrade to Shockwave Player 10.1.1, which updates the Flash Asset Xtra version number to 22.214.171.124.