Adobe has released updates that fix twenty-six vulnerabilities in the Adobe Acrobat, Reader, and Lightroom products.
Out of 26 flaws, 11 are rated as critical, they could be exploited by hackers to run the arbitrary code remotely or to bypass security features on the vulnerable installations.
Adobe released security updates for Adobe Acrobat and Reader for Windows and macOS, the updates cover critical and important vulnerabilities. Successful exploitation allows attackers to execute remote code in the context of the current user.
List of Vulnerabilities
| Vulnerability Category | Vulnerability Impact | Severity | CVE Number |
|---|---|---|---|
| Disclosure of Sensitive Data | Memory Leak | Important | CVE-2020-9697 |
| Security bypass | Privilege Escalation | Important | CVE-2020-9714 |
| Out-of-bounds write | Arbitrary Code Execution | Critical | CVE-2020-9693CVE-2020-9694 |
| Security bypass | Security feature bypass | Critical | CVE-2020-9696CVE-2020-9712 |
| Stack exhaustion | Application denial-of-service | Important | CVE-2020-9702CVE-2020-9703 |
| Out-of-bounds read | Information disclosure | Important | CVE-2020-9723CVE-2020-9705CVE-2020-9706CVE-2020-9707CVE-2020-9710CVE-2020-9716CVE-2020-9717CVE-2020-9718CVE-2020-9719CVE-2020-9720CVE-2020-9721 |
| Buffer error | Arbitrary Code Execution | Critical | CVE-2020-9698CVE-2020-9699CVE-2020-9700CVE-2020-9701CVE-2020-9704 |
| Use-after-free | Arbitrary Code Execution | Critical | CVE-2020-9715CVE-2020-9722 |
Fixed versions
| Product | Track | Updated Versions | Platform | Priority Rating | Availability |
|---|---|---|---|---|---|
| Acrobat DC | Continuous | 2020.012.20041 | Windows and macOS | 2 | Windows macOS |
| Acrobat Reader DC | Continuous | 2020.012.20041 | Windows and macOS | 2 | Windows macOS |
| Acrobat 2020 | Classic 2020 | 2020.001.30005 | Windows and macOS | 2 | Windows macOS |
| Acrobat Reader 2020 | Classic 2020 | 2020.001.30005 | Windows and macOS | 2 | Windows macOS |
| Acrobat 2017 | Classic 2017 | 2017.011.30175 | Windows and macOS | 2 | WindowsmacOS |
| Acrobat Reader 2017 | Classic 2017 | 2017.011.30175 | Windows and macOS | 2 | WindowsmacOS |
| Acrobat 2015 | Classic 2015 | 2015.006.30527 | Windows and macOS | 2 | WindowsmacOS |
| Acrobat Reader 2015 | Classic 2015 | 2015.006.30527 | Windows and macOS | 2 | WindowsmacOS |
Adobe Lightroom Classic for Windows and macOS covers important security updates, successful exploitation of the vulnerability allows attackers to escalate privilege.
List of Vulnerabilities
| Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers |
| Insecure Library Loading | Privilege escalation | Important | CVE-2020-9724 |
Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.
Adobe Released Security Updates & Fixed 43 Vulnerabilities in Acrobat Reader, Adobe Flash & More
Some router models have identified a security vulnerability that allows attackers to bypass authentication. To exploit this vulnerability, an attacker…
Hackers often target CrushFTP servers as they contain sensitive data and are used for file sharing and storage. This makes…
DDoS attacks are a significant and growing risk that can overpower websites, crash servers, and block out authorized users with…
Hackers have leveraged an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt Strike Beacon, targeting systems in Ukraine.…
In a historic move, Microsoft has made the source code for MS-DOS 4.0, one of the most influential operating systems…
A new attack campaign has been discovered to be employed by the FROZEN#SHADOW, which utilized SSLoad malware for its operations…