Flash Player 8 (8.0.22.0) and Flash Player 7 update (7.0.61.0 or 7.0.60.0) address a security vulnerability in previous versions of Flash Player, which could lead to the potential execution of arbitrary code. There was a problem with bounds validation for indexes of certain arrays in Flash Player 7 and earlier, thus leaving open the possibility that a third party could inject unauthorized code that would have been executed by Flash Player.
Solution
The current version of Macromedia Flash Player (8.0.22.0) contains a fix for the vulnerability. Users who have already upgraded to Flash Player 8 are not affected by this issue. Macromedia recommends all Flash Player 7 and earlier users upgrade to this new version, which can be downloaded from the Macromedia Player Download Center. For customers with operating systems that do not support Flash Player 8 (Microsoft Windows 95, Microsoft Windows NT, or classic Macintosh operating systems), refer to the Flash Player 7 update TechNote.
Macromedia categorizes this as a critical update and recommends affected users update to Flash Player 8.
