Adobe Releases Security Patch Updates for 11 Vulnerabilities
Adobe has
releasedits monthly security updates to address a total of 11 vulnerabilities in Adobe Digital Editions, Framemaker, and Technical Communications Suite, of which four are rated critical and rest 7 are important in severity.
Adobe has also released updated versions for
Flash Player, but surprisingly this month the software received no security patch update.
Also, none of the security vulnerabilities patched this month were either publicly disclosed or found being actively exploited in the wild.
All four critical vulnerabilities, three classified as a "heap overflow" and one "Use after free," reside in
Adobe Digital Editions, an ebook reader software program.
Successful exploitation of all the four flaws could allow an attacker to execute arbitrary code on the targeted system in the context of the current user.
Besides this, Adobe Digital Editions also received security updates for four important "Out of bounds read" vulnerabilities that could result in information disclosure.
The vulnerabilities impact Adobe Digital Editions version 4.5.8 and below for Windows, macOS, and iOS. Users are advised to download the updated version 4.5.9.
Adobe also patched two important DLL hijacking vulnerabilities in
Adobe Framemakerand Adobe Technical Communications Suite that could be exploited by loading an insecure library in the installer to escalate privileges.
The DLL hijacking flaws impact Adobe Framemaker version 1.0.5.1 and below for Windows, and
Adobe Technical CommunicationsSuite version 1.0.5.1 and below for Windows.
Adobe recommends end users and administrators to download and install the latest security patches as soon as possible.
from The Hacker News https://ift.tt/2NxMwbw