Adobe’s browser plug-in is automatically updated in Google Chrome, Internet Explorer 10 and 11
From a total of six vulnerabilities, three of them (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533) made the plug-in susceptible to cross-site scripting attacks and their discovery is attributed to Erling Ellingsen of Facebook.
Two of the flaws (CVE-2014-0534, CVE-2014-0535) allowed an attacker to bypass the security of the component, while the last one (CVE-2014-0536, attributed to Leong Wai-Meng of Trend Micro) made it vulnerable to an attack that leveraged memory corruption and permitted execution of arbitrary code.
Adobe Flash users who do not receive the update automatically are advised to install it manually as soon as possible to avoid risk