Adobe has released its latest Flash Player revision to fix 18 critical vulnerabilities. An attacker could execute arbitrary code on vulnerable systems if he exploits one of the 15 most severe flaws. Users are advised to make sure the auto update feature from the desktop Flash Player release is turned on. Earlier versions of Flash Player or Adobe AIR on Windows, Mac, Android and iOS are affected by these flaws. The last three vulnerabilities could allow an attacker to disclose session tokens and escalate privileges. These three originate from information disclosure, heap buffer overflow vulnerabilities and permission issues.”]
Source: https://www.bitdefender.com/blog/hotforsecurity/adobe-fixes-18-critical-flaws-in-flash-player/