Adobe released an update for its Flash Player, versions 188.8.131.52 and earlier. The company said that several critical security problems were discovered.
The problems include the possibility of conducting DNS rebinding attacks, execution of arbitrary code, input validation errors, and an issue with interpreting cross-domain policies. Many of the problems were first brought to light in December 2007.
The security enhancements introduced by the update could affect existing Flash content, possibly rendering it inoperable unless necessary changes are made. According to a document published by Adobe, network-enabled Flash content might need to be adjusted to work properly. The new player introduces the use of socket master policy files, socket meta-policies, and strict socket rules. Formerly socket policies were optional, but with this latest update socket policies become mandatory.