Tuesday, March 4, 2025
Follow us On Linkedin
HomeComputer SecurityAdobe Published Security Updates for Flash Player, Adobe Acrobat and Photoshop

Adobe Published Security Updates for Flash Player, Adobe Acrobat and Photoshop

Computer SecuritySecurity UpdateVulnerability

Published on

By Gurubaran
Adobe Published Security Updates for Flash Player, Adobe Acrobat and Photoshop

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Adobe published security updates for multiple vulnerabilities in Flash Player, Adobe Acrobat, and Photoshop that allows attackers to steal sensitive information.

APSB18-43 Photoshop CC – Adobe Security Updates

Adobe published security updates that resolve an important vulnerability in Photoshop CC 19.1.6 and earlier 19.x versions which can be exploited to steal sensitive information.

Affected Version

Photoshop CC 19.1.6 and earlier

Fixed Versions

Photoshop CC 19.1.7 and 20.0

Vulnerability Details

CVE-2018-15980 – Information disclosure

APSB18-40 – Adobe Acrobat and Reader

Adobe published security updates that fix information disclosure vulnerability with Adobe Acrobat and Reader. Successful exploitation of the vulnerability leads to the inadvertent leak of the user’s hashed NTLM password.

Affected Version

Acrobat DC 2019.008.20080 and earlier versions

Acrobat Reader DC 2019.008.20080 and earlier versions

Acrobat 2017 2017.011.30105 and earlier versions

Acrobat Reader 2017 2017.011.30105 and earlier versions

Acrobat DC 2015.006.30456 and earlier versions

Acrobat Reader DC 2015.006.30456 and earlier versions

Fixed Versions

Acrobat DC 2019.008.20080 and earlier versions

Acrobat Reader DC 2019.008.20080 and earlier versions

Acrobat 2017 2017.011.30105 and earlier versions

Acrobat Reader 2017 2017.011.30105 and earlier versions

Acrobat DC 2015.006.30456 and earlier versions

Acrobat Reader DC 2015.006.30456 and earlier versions

Vulnerability Details

CVE-2018-15979 – Information disclosure

APSB18-39 – Flash Player

The security updates address important vulnerability with Adobe Flash Player 31.0.0.122 and earlier versions. An attacker could exploit the vulnerability to steal sensitive information.

Affected Version

Adobe Flash Player Desktop Runtime 31.0.0.122 and earlier versions

Adobe Flash Player for Google Chrome 31.0.0.122 and earlier versionsChrome OS

Adobe Flash Player for Edge and IE 11 31.0.0.122 and earlier versions

Fixed Versions

Adobe Flash Player Desktop Runtime 31.0.0.148 Windows, macOS

Adobe Flash Player for Google Chrome 31.0.0.148 Windows, macOS, Linux, and Chrome OS

Adobe Flash Player for Edge and IE 11 31.0.0.148 Windows 10 and 8.1

Adobe Flash Player Desktop Runtime 31.0.0.148 Linux

Vulnerability Details

CVE-2018-15978 – Information disclosure.

With the October update, Adobe fixed 86 Vulnerabilities Fixed with Adobe Security Updates for Adobe Acrobat and Reader

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

CVE/vulnerability

BigAnt Server 0-Day Vulnerability Lets Attackers Run Malicious Code Remotely

A critical vulnerability in BigAntSoft's enterprise chat server software has exposed ~50 internet-facing systems...
Press Release

Bubba AI, Inc. is Launching Comp AI to Help 100,000 Startups Get SOC 2 Compliant by 2032.

With the growing importance of security compliance for startups, more companies are seeking to...
CVE/vulnerability

IBM Storage Virtualize Flaws Allow Remote Code Execution

Two critical security flaws in IBM Storage Virtualize products could enable attackers to bypass...
CVE/vulnerability

Progress WhatsUp Gold Path Traversal Vulnerability Exposes Systems to Remote code Execution

A newly disclosed path traversal vulnerability (CVE-2024-4885) in Progress Software’s WhatsUp Gold network monitoring...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

CVE/vulnerability

BigAnt Server 0-Day Vulnerability Lets Attackers Run Malicious Code Remotely

A critical vulnerability in BigAntSoft's enterprise chat server software has exposed ~50 internet-facing systems...
CVE/vulnerability

IBM Storage Virtualize Flaws Allow Remote Code Execution

Two critical security flaws in IBM Storage Virtualize products could enable attackers to bypass...
CVE/vulnerability

Progress WhatsUp Gold Path Traversal Vulnerability Exposes Systems to Remote code Execution

A newly disclosed path traversal vulnerability (CVE-2024-4885) in Progress Software’s WhatsUp Gold network monitoring...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved