Security News > 2021 > January > Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content
In tandem with Tuesday's security update, Adobe starting on Tuesday will also block Flash Player content, weeks after dropping support for Flash.
The move means that when users attempt to load a page with Flash Player, the content now will no longer load. "Since Adobe will no longer be supporting Flash Player after December 31, 2020 and Adobe will block Flash content from running in Flash Player beginning January 12, 2021, Adobe strongly recommends all users immediately uninstall Flash Player to help protect their systems," according to Adobe.
One of the most severe critical flaws has been patched in Adobe Campaign Classic, Adobe's marketing campaign management platform.
Adobe Bridge, Adobe's digital asset management app, had critical vulnerabilities tied to two CVEs, CVE-2021-21012 and CVE-2021-21013.
Adobe also fixed critical flaws in its Adobe Animate and Adobe InCopy; as well as an important-severity flaw in Adobe Captivate.
The January patches follow Adobe's regularly scheduled December security updates, where the company issued fixes for flaws tied to one important-rated and three critical-severity CVEs across its Adobe Prelude, Adobe Experience Manager and Adobe Lightroom applications.
News URL
https://threatpost.com/adobe-critical-flaws-flash-player/162958/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-13 | CVE-2021-21012 | Unspecified vulnerability in Adobe Magento Commerce and Magento Open Source Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the checkout module. | 0.0 |
2021-01-13 | CVE-2021-21013 | Unspecified vulnerability in Adobe Magento Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the customer API module. | 8.1 |