Adobe Flash Player Desktop Runtime versions 22.214.171.124 and earlier for Windows, Macintosh and Linux
Adobe Flash Player for Google Chrome versions 126.96.36.199 and earlier for Windows, Macintosh, Linux and Chrome OS
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 versions 188.8.131.52 and earlier for Windows 10 and 8.1
Threat Level: High
The vulnerability occurs due to improper memory operations by the affected software which could trigger a type confusion error condition. A remote attacker could exploit this vulnerability by convincing a user to open or visit link that contains specially crafted Flash content.
If the remote attacker is able to successfuly exploit the vulnerability it could allow him to execute arbitrary code with the privileges of currently logged-in user or could take full control of the affected system.
Adobe has confirmed the vulnerability in a security bulletin and released software updates.
Users and Administrators sholud apply appropriate security updates as mentioned in the Adobe Security Bulletin APSB17-32
Users must not open email messages from suspicious or unrecognized sources.
Administrators should implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability.