The following Adobe products are affected by the vulnerablitites:
|Adobe Flash Player Desktop Runtime||126.96.36.1996 and earlier
||Windows and Macintosh
|Adobe Flash Player Extended Support Release||188.8.131.529 and earlier||Windows and Macintosh
|Adobe Flash Player for Google Chrome||184.108.40.2066 and earlier||Windows, Macintosh, Linux and ChromeOS
|Adobe Flash Player for Microsoft Edge and Internet Explorer 11||220.127.116.116 and earlier||Windows 10|
|Adobe Flash Player for Internet Explorer 11||18.104.22.1686 and earlier||Windows 8.1|
|Adobe Flash Player for Linux||22.214.171.1249 and earlier||Linux|
|AIR Desktop Runtime||126.96.36.1990 and earlier||Windows and Macintosh|
|AIR SDK||188.8.131.520 and earlier||Windows, Macintosh, Android and iOS|
|AIR SDK & Compiler||184.108.40.2060 and earlier||Windows, Macintosh, Android and iOS|
|AIR for Android||220.127.116.11 and earlier||Android|
The patch released today brings the latest version of Flash to 18.104.22.168 for Microsoft Windows and Mac OS X systems and 22.214.171.1247 for Linux systems.
Adobe credited Anton Ivanov of Kaspersky Lab, a Russian software security company that provides antivirus software, for uncovering the CVE 2016-1010 vulnerability, which is the designation for an integer overflow vulnerability that allows attackers to remotely execute malicious code on vulnerable computers. According to a Kaspersky Lab representative, "Kaspersky Lab researchers have observed the usage of this vulnerability in a very limited number of targeted attacks."
You can check which version of Flash is currently supported in your browser by visiting Adobe's www.adobe.com/software/flash/about/ page. You will see something like "You have version 21,0,0,182 installed" provided you have Flash installed and your browser isn't already blocking an outdated version. E.g. rather than seeing a version displayed by that webpage, if you have an outdated version in use when you visit the page with the Google Chrome browser, the browser itself will display "Adobe Flash Player was blocked because it is out of date."
Alternatively, you can check the version of Flash using the BrowserSPY.dk Adobe Flash Information page.
If the browser is blocking the Adobe Flash Player because it is out-of-date,
so that you can't view the version by visiting a web page that detects and
displays the version of Flash present for the browser, on an Apple OS X system
you can find the version by examining the contents of
/Library/Internet Plug-Ins/Flash Player.plugin/Contents/version.plist
$ cat "/Library/Internet Plug-Ins/Flash Player.plugin/Contents/version.plist" <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CFBundleShortVersionString</key> <string>126.96.36.1996</string> <key>CFBundleVersion</key> <string>188.8.131.526</string> <key>ProjectName</key> <string>FlashPlayer</string> </dict> </plist>
Or, you can use the grep command to display just the version number from that file.
$ grep -A 1 CFBundleVersion "/Library/Internet Plug-Ins/Flash Player.plugin/Contents/version.plist" | grep string | grep -o '[0-9,\.]\+' 184.108.40.2066