Adobe Systems is shielding its clients from malware attackers. The multinational computer software company is doing so by launching security patches for its famous products Flash Player, Adobe Reader and Acrobat. Apparently, Adobe worked on addressing the vulnerabilities it found in the Flash Player, Adobe Reader and Acrobat late last year. The end-result of its labor is the first security patches for the trio this year. With the new updates, users will not have to worry about attackers targeting critical vulnerabilities to install malware on their computers, according to PC World.
Adobe's scheduled October update for its Acrobat and Reader PDF software addresses 85 vulnerabilities, including dozens of critical flaws that allow arbitrary code execution. The patches also address multiple privilege-escalation and information-disclosure flaws, shoring up Adobe's PDF software further following a patch for a critical Acrobat and Reader flaw plugged two weeks ago. The flaws affect the software running on Windows and macOS systems. This update is the largest set of fixes Adobe's PDF software since it swatted 105 vulnerabilities in July. However, fortunately the company says it is not currently aware of any exploits in the wild for bugs fixed in this update.
Adobe has released a security update which resolves two critical vulnerabilities uncovered in Adobe Acrobat and Reader software. The software giant said the bugs are deemed critical, as they can lead to privilege escalation and arbitrary code execution in the context of the current user. Adobe revealed the security flaws in a security bulletin published on Thursday. The first vulnerability, CVE-2018-16011, is a use-after-free problem which can lead to arbitrary code execution if exploited -- which, in turn, could permit the execution of malware payloads, account hijacking, and more. The second security flaw, CVE-2018-19725, is a security bypass issue which permits attackers to ramp up their privilege levels, potentially leading to attacks and system tampering taking place with additional freedoms beyond the usual confines of a user account.
Adobe Systems is working on a patch for a critical vulnerability in Flash Player that hackers are already exploiting in attacks. In the meantime, the company has released other security patches for Reader, Acrobat, and ColdFusion. The Flash Player vulnerability is being tracked as CVE-2016-4117 and affects Flash Player versions 22.214.171.124 and earlier for Windows, OS X, Linux, and Chrome OS. Successful exploitation can allow attackers to take control of affected systems. "Adobe is aware of a report that an exploit for CVE-2016-4117 exists in the wild," the company said in an advisory published Tuesday.