Adobe Flash Player 2017 Update Tracker

In a similar manner to the 2015 and 2016 tracker that was incredibly popular on this blog; I am providing the same information below for the year 2017.

I have created a new post to make the timeline easier to follow. It will be updated throughout the year with any details of the Flash vulnerabilities being exploited.

Thank you.

=======================
10th January: Adobe releases Flash Player v24.0.0.194 resolving 13 CVEs.

14th February: Adobe releases Flash Player v24.0.0.221 again resolving 12 CVEs.

14th March: Adobe releases Flash Player v25.0.0.127 resolving 8 CVEs.

11th April: Adobe releases v25.0.0.148 resolving 7 CVEs (including some from Pwn2Own 2017).

9th May: Adobe releases Flash Player v25.0.0.171 resolving 7 CVEs.

13th June: Adobe releases Flash Player v26.0.0.126 resolving 9 CVEs.

11th July: Adobe releases Flash Player v26.0.0.137 resolving 3 CVEs. It’s refreshing to see such a small number of CVEs being patched. However it will be interesting to see if this trend continues next month.

8th August: Adobe releases Flash Player v26.0.0.151 resolving 2 CVEs. Similar to last month the number of vulnerabilities is low. It’s not yet clear if this is due to Adobe’s recent announcement to de-commission Flash Player in 2020.

12th September 2017: Adobe have released Flash Player v27.0.0.130 to resolve 2 critical CVEs. Similar to recent months the number of vulnerabilities being addressed remains low.

16th October 2017:  Adobe released Flash Player v27.0.0.170 to resolve 1 critical CVE being exploited by the BlackOasis APT group.

=======================

Update: 10th January 2017: The timeline was updated to add the Adobe Flash Player update for January 2017. At the time of writing no exploits for the issues fixed by this update are known to be taking place.

Update: 14th February 2017: The timeline was updated to add the Adobe Flash Player update for February 2017. At this time no exploits for the issues fixed by this update are known to be taking place.

Update: 14th March 2017: The timeline was updated to add the Adobe Flash Player update for March 2017. At this time no exploits for the issues fixed by this update are known to be taking place. With Pwn2Own 2017 due to take this place this month expect more updates soon.

Update: 11th April 2017: The timeline was updated to add the Adobe Flash Player update for April 2017. As before, at the time of writing no exploits for the issues fixed by this update are known to be taking place.

Update: 8th May 2017: I have corrected the number of vulnerabilities addressed in the February and March updates mentioned adove. While the numbers I originally listed were correct at the time of writing, Adobe subsequently revised them. The end of the February and March bulletins highlight the revisions made by Adobe. I will endeavor to updates these entries sooner in future.

Update: 9th May 2017: The timeline was updated to add the Adobe Flash Player update for May 2017. At this time, no exploits for the issues fixed by this update are known to be taking place.

Update: 14th June 2017: The timeline was updated to add the Adobe Flash Player update for June 2017. At the time of writing; no exploits for the issues fixed by this update are known to be taking place.

Update: 11th July 2017: The timeline was updated to add the Adobe Flash Player update for July 2017. Just like for June 2017; no exploits for the issues fixed by this update are known to be taking place.

Update: 8th August 2017: The timeline was updated to add the Adobe Flash Player update for August 2017. As before; no exploits for the issues fixed by this update are known to be taking place.

Update: 12th September 2017: The timeline was updated to include the Adobe Flash Player updates for September 2017. Similar to last month, no exploits for the issues fixed by this update are known to be taking place at this time.

Update: 18th October 2017: The timeline was updated to include the Adobe Flash Player updates for October 2017. It addresses a zero day vulnerability known to be under exploit.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s