Adobe released security updates that fix 42 security vulnerabilities in 5 Software, among them, many of the vulnerabilities are classified as critical and important.
The update fixes critical vulnerabilities with Adobe Framemaker for Windows, which allows an attacker to execute code on the vulnerable installation with the context of the user.
Adobe Framemaker 2019.0.4 and below are affected with the vulnerability, fixed with Adobe Framemaker 2019.0.5.
Critical, important and moderate vulnerabilities fixed with security updates for Adobe Acrobat and Reader for Windows and macOS.
These vulnerabilities allow an attacker to execute the remote code with the context of the current user.
Affected Versions
| Product | Track | Affected Versions | Platform |
|---|---|---|---|
| Acrobat DC | Continuous | 2019.021.20061 and earlier versions | Windows & macOS |
| Acrobat Reader DC | Continuous | 2019.021.20061 and earlier versions | Windows & macOS |
| Acrobat 2017 | Classic 2017 | 2017.011.30156 and earlier versions | Windows |
| Acrobat Reader 2017 | Classic 2017 | 2017.011.30156 and earlier versions | macOS |
| Acrobat 2015 | Classic 2015 | 2015.006.30508 and earlier versions | Windows & macOS |
| Acrobat Reader 2015 | Classic 2015 | 2015.006.30508 and earlier versions | Windows & macOS |
Fixed Versions
| Product | Track | Updated Versions | Platform | Priority Rating | Availability |
|---|---|---|---|---|---|
| Acrobat DC | Continuous | 2020.006.20034 | Windows and macOS | 2 | Windows macOS |
| Acrobat Reader DC | Continuous | 2020.006.20034 | Windows and macOS | 2 | Windows macOS |
| Acrobat 2017 | Classic 2017 | 2017.011.30158 | Windows and macOS | 2 | WindowsmacOS |
| Acrobat Reader 2017 | Classic 2017 | 2017.011.30158 | Windows and macOS | 2 | WindowsmacOS |
| Acrobat 2015 | Classic 2015 | 2015.006.30510 | Windows and macOS | 2 | WindowsmacOS |
| Acrobat Reader 2015 | Classic 2015 | 2015.006.30510 | Windows and macOS | 2 | WindowsmacOS |
The security update fixes critical vulnerabilities with Adobe Flash Player for Windows, macOS, Linux and Chrome OS.
Successful exploitation of the vulnerability allows the attacker to execute arbitrary code with user consent.
Affected Versions
| Product | Version | Platform |
| Adobe Flash Player Desktop Runtime | 32.0.0.321 and earlier | Windows and macOS |
| Adobe Flash Player Desktop Runtime | 32.0.0.314 and earlier | Linux |
| Adobe Flash Player for Google Chrome | 32.0.0.321 and earlier | Windows, macOS, Linux and Chrome OS |
| Adobe Flash Player for Microsoft Edge and Internet Explorer 11 | 32.0.0.255 and earlier | Windows 10 and 8.1 |
Fixed Versions
| Product | Version | Platform | Priority | Availability |
| Adobe Flash Player Desktop Runtime | 32.0.0.330 | Windows, macOS | 2 | Flash Player Download CenterFlash Player Distribution |
| Adobe Flash Player for Google Chrome | 32.0.0.330 | Windows, macOS, Linux, and Chrome OS | 2 | Google Chrome Releases |
| Adobe Flash Player for Microsoft Edge and Internet Explorer 11 | 32.0.0.330 | Windows 10 and 8.1 | 2 | Microsoft Security Advisory |
| Adobe Flash Player Desktop Runtime | 32.0.0.330 | Linux | 3 | Flash Player Download Center |
The hotfixes resolve security vulnerabilities with Adobe Experience Manager AEM versions 6.5 and 6.4 rated Important.
Successful exploitation leads to a denial-of-service condition, users are recommended to apply the hotfix.
The security update for Adobe Digital Editions resolves critical and an important vulnerability. Successful exploitation leads to Arbitrary Code Execution and Information Disclosure.
Affected Versions
| Product | Version | Platform |
|---|---|---|
| Adobe Digital Editions | 4.5.10 and below | Windows |
Fixed Versions
| Product | Version | Platform | Priority | Availability |
| Adobe Digital Editions | 4.5.11 | Windows | 3 | Download Page |
Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.
Adobe Released Security Updates & Fixed 43 Vulnerabilities in Acrobat Reader, Adobe Flash & More
Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…
The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…
A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…
Meta has announced the removal of over 2 million accounts connected to malicious activities, including…
Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…
A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…