Adobe Released Security Updates & Fixes for 112 Vulnerabilities that Affected Adobe Products

Adobe security updates released that cover the updates for Adobe Flash Player, Experience Manager, Connect, Adobe Acrobat, and Reader.

Adobe Flash Player

Adobe released updates for the critical Flash player that affects flash player 30.0.0.113 and it’s earlier versions. By exploiting the vulnerability an attacker can run arbitrary codes without the user’s context.

The Vulnerabilities can be tracked as CVE-2018-5008, CVE-2018-5007 and it was fixed with Adobe Flash Player version 30.0.0.134.

Product	Version	Platform	Priority	Availability
Adobe Flash Player Desktop Runtime	30.0.0.134	Windows, macOS	2	Flash Player Download Center   Flash Player Distribution
Adobe Flash Player for Google Chrome	30.0.0.134	Windows, macOS, Linux, and Chrome OS	2	Google Chrome Releases
Adobe Flash Player for Microsoft Edge and Internet Explorer 11	30.0.0.134	Windows 10 and 8.1	2	Microsoft Security Advisory
Adobe Flash Player Desktop Runtime	30.0.0.134	Linux	3	Flash Player Download Center

Adobe Experience Manager

Adobe Experience Manager suffers critical Server-Side Request Forgery (SSRF) vulnerabilities, it affects from version 6.0 to 6.4. Adobe categorizes the updates in priority and recommends user’s to install the newest version.

The Vulnerabilities can be tracked as CVE-2018-5004, CVE-2018-5006 and CVE-2018-12809.

Adobe security updates for Adobe Connect

Adobe Connect 9.7.5 and it’s earliest version suffered authentication bypass vulnerability that would result in sensitive information disclosure.

Both of the vulnerabilities fixed with the version 9.8.1, along with that this update also resolves the issues with the session tokens validation.

The Vulnerabilities can be tracked as CVE-2018-4994, CVE-2018-12804 and CVE-2018-12805.

Product	Version	Platform	Priority	Availability
Adobe Connect	9.8.1	All	2	Release note

Adobe Acrobat and Reader

Adobe fixed 104 vulnerabilities with security updates for Adobe Acrobat and Reader for Windows and macOS. It covers critical and important vulnerabilities, successful exploitation of the vulnerability may lead to arbitrary code execution without user’s context.

Product	Track	Updated Versions	Platform	Priority Rating	Availability
Acrobat DC	Continuous	2018.011.20055	Windows and macOS	2	Windows macOS
Acrobat Reader DC	Continuous	2018.011.20055	Windows and macOS	2	Windows macOS
Acrobat 2017	Classic 2017	2017.011.30096	Windows and macOS	2	Windows macOS
Acrobat Reader DC 2017	Classic 2017	2017.011.30096	Windows and macOS	2	Windows macOS
Acrobat DC	Classic 2015	2015.006.30434	Windows and macOS	2	Windows macOS
Acrobat Reader DC	Classic 2015	2015.006.30434	Windows and macOS	2	Windows macOS

Users are recommended to update their software installations to the latest versions, to update manually Help for Adobe security updates > Check for Updates.

Also Read:

Cisco Released Security Updates and Fixed Critical Vulnerabilities that Affected Cisco Products

Microsoft Released Security Updates for July and Fixed 53 Security Vulnerabilities

Debian Released Security Updates for July and Fixed Multiple Package Vulnerabilities

Apple Released Security Updates for iOS, macOS, Safari, iTunes – iOS 11.4.1 Released

Google Released Security Updates for More than 40 Android Security vulnerabilities

WordPress Update 4.9.7 – Critical Security Update to Resolve Bugs and Security Issues

VMware Released Security Updates for Critical Remote Code Execution Vulnerability

Microsoft Released Critical Security Updates with Patch for 50 Critical Vulnerabilities