Saturday, July 20, 2024

Adobe Released Security Updates for 87 Vulnerabilities with Media Encoder, Flash, Adobe Acrobat and Reader

Adobe released security updates for May that includes the fix for 87 vulnerabilities with Media Encoder, Flash Player and Adobe Reader.

Successful exploitation of the vulnerability allows an attacker to run arbitrary code in the context of the current user.

Adobe Media Encoder

Adobe released security updates to resolve critical file parsing vulnerability with Media Encoder, successful exploitation of the vulnerability leads to arbitrary code execution in the context of the current user.

Media Encoder version 13.0.2 are affected, users are recommended to update with Adobe Media Encoder 13.1.

The update addresses two vulnerabilities, out of that CVE-2019-7842 is remote code execution, and CVE-2019-7844 is Information Disclosure.

Adobe Flash Player

Security updates released critical vulnerability with Adobe flash player for Windows, macOS, Linux, and Chrome OS. Successful exploitation of vulnerability leads to arbitrary code execution.

Affected versions

Adobe Flash Player Desktop Runtime
Adobe Flash Player for Google Chrome
Chrome OS
Adobe Flash Player for Microsoft Edge
and Internet Explorer 11

Fixed Versions

Adobe Flash Player Desktop Runtime
Adobe Flash Player for Google Chrome
Adobe Flash Player for Microsoft Edge
and Internet Explorer 11
Adobe Flash Player Desktop Runtime

Adobe Acrobat and Reader

The security updates cover Adobe Acrobat and Reader for Windows and macOS; it fixes critical and important vulnerabilities; successful exploitation leads to remote code execution.

Affected versions

Acrobat DC 2019.010.20100
Acrobat Reader DC 2019.010.20099
Acrobat 2017 2017.011.30140
Acrobat Reader 2017 2017.011.30138
Acrobat DC 2015.006.30495
Acrobat Reader DC 2015.006.30493

Fixed Versions

Acrobat DC 2019.012.20034
Acrobat Reader DC 2019.012.20034
Acrobat 2017 2017.011.30142
Acrobat Reader DC 2017 2017.011.30142
Acrobat DC 2015.006.30497
Acrobat Reader DC 2015.006.30497

Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.

The patches can be deployed through Patch Manager plus, where you can pre-built, tested, ready-to-deploy packages.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Master in Wireshark Network Analysis to keep your self-updated.

75 Vulnerabilities Fixed with Adobe Security Updates for February 2019

Adobe Released Security Patches for Digital Editions and Connect


Latest articles

Hackers Claiming Dettol Data Breach: 453,646 users Impacted

A significant data breach has been reported by a threat actor known as 'Hana,'...

CrowdStrike Update Triggers Widespread Windows BSOD Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users,...

Operation Spincaster Disrupts Approval Phishing Technique that Drains Victim’s Wallets

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have...

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which...

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and...

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are...

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles