Adobe security updates released for April with the fixes of 43 vulnerabilities that affected different Adobe products.
There are 8 different Adobe products are affected including Adobe Flash Player, Shockwave Player, Dreamweaver, Adobe XD CC, Adobe Experience Manager Forms, and Adobe Bridge CC.
In this case, Overall 21 adobe family vulnerabilities are fixed and 11 flaws marked as ‘Critical” severity and the Successful exploitation could lead to arbitrary code execution in the context of the current user.
| Out-of-Bounds Write | Arbitrary Code Execution | Critical | CVE-2019-7111 CVE-2019-7118 CVE-2019-7119 CVE-2019-7120 CVE-2019-7124 |
| Type Confusion | Arbitrary Code Execution | Critical | CVE-2019-7117CVE-2019-7128 |
| Use After Free | Arbitrary Code Execution | Critical | CVE-2019-7088CVE-2019-7112 |
| Heap Overflow | Arbitrary Code Execution | Critical | CVE-2019-7113CVE-2019-7125 |
Adobe fixed all the 43 vulnerabilities for the following products.
At this time none of the vulnerabilities are currently being exploited in the wild.
According to Adobe. “Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These update address critical and important vulnerabilities”
“Successful exploitation could lead to arbitrary code execution in the context of the current user.”
Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.
Also, Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows, macOS and Linux update to Adobe Flash Player 32.0.0.171 via the update mechanism Adobe Flash Player Download Center.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates.
Also Read:Creating and Analyzing a Malicious PDF File with PDF-Parser Tool
A groundbreaking technique for Kerberos relaying over HTTP, leveraging multicast poisoning, has been recently detailed…
Since mid-2024, cybersecurity researchers have been monitoring a sophisticated Android malware campaign dubbed "Tria Stealer,"…
Proton, the globally recognized provider of privacy-focused services such as Proton VPN and Proton Pass,…
The cybersecurity landscape faces increasing challenges as Arcus Media ransomware emerges as a highly sophisticated…
Proofpoint researchers have identified a marked increase in phishing campaigns and malicious domain registrations designed…
A recent investigation by Unit 42 of Palo Alto Networks has uncovered a sophisticated, state-sponsored…