Adobe patches 42 vulnerabilities – Updates Adobe Flash, Acrobat, and Reader

Adobe has recently released updates for Adobe Reader, Acrobat and Flash that resolve a total of 42 security vulnerabilities. As many of these vulnerabilities are rated as Critical, it is strongly advised that anyone using these products immediately update them to the latest version.

The Flash update addresses 13 vulnerabilities, all but one of which trigger remote code execution attacks. Meanwhile, 29 bugs were patched in Reader and Acrobat, and all but one enable code execution.

Adobe Security Update Summary:

APSB17-01 Security Updates Available for Adobe Acrobat and Reader

Adobe has released security updates that resolve 29 vulnerabilities in Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

CVE number: CVE-2017-2939, CVE-2017-2940, CVE-2017-2941, CVE-2017-2942, CVE-2017-2943, CVE-2017-2944, CVE-2017-2945, CVE-2017-2946, CVE-2017-2947, CVE-2017-2948, CVE-2017-2949, CVE-2017-2950, CVE-2017-2951, CVE-2017-2952, CVE-2017-2953, CVE-2017-2954, CVE-2017-2955, CVE-2017-2956, CVE-2017-2957, CVE-2017-2958, CVE-2017-2959, CVE-2017-2960, CVE-2017-2961, CVE-2017-2962, CVE-2017-2963, CVE-2017-2964, CVE-2017-2965, CVE-2017-2966, CVE-2017-2967.

Vulnerability Details:

  • These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2017-2962).
  • These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-2950, CVE-2017-2951, CVE-2017-2955, CVE-2017-2956, CVE-2017-2957, CVE-2017-2958, CVE-2017-2961).
  • These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017-2942, CVE-2017-2945, CVE-2017-2946, CVE-2017-2949, CVE-2017-2959, CVE-2017-2966).
  • These updates resolve buffer overflow vulnerabilities that could lead to code execution (CVE-2017-2948, CVE-2017-2952).
  • These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-2939, CVE-2017-2940, CVE-2017-2941, CVE-2017-2943, CVE-2017-2944, CVE-2017-2953, CVE-2017-2954, CVE-2017-2960, CVE-2017-2963, CVE-2017-2964, CVE-2017-2965, CVE-2017-2967).
  • These updates resolve a security bypass vulnerability (CVE-2017-2947).
APSB17-02 Security updates available for Adobe Flash Player

Adobe has released security updates that resolve 13 vulnerabilities in Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

CVE number: CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937, CVE-2017-2938.

Vulnerability Details:

  • These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2017-2938).
  • These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-2932, CVE-2017-2936, CVE-2017-2937).
  • These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017-2927, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935).
  • These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-2925, CVE-2017-2926, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931).
Share This:
Facebooktwittergoogle_plusredditpinterestlinkedintumblr

Leave a Reply

Your email address will not be published. Required fields are marked *