Adobe Fixes 87 Vulnerabilities! Update immediately

Adobe has just released its monthly updates that fix various vulnerabilities in its products under Patch Tuesday. Most vulnerabilities are in the company's Acrobat Writer and Reader products.

Of course the updates concern all Adobe products, (such as the well-known application ) and the vulnerabilities they fix could allow arbitrary code execution.

In general, the company has corrected 87 vulnerabilities in all Acrobat Flash Player and Adobe Media Encoder programs and has announced that it does not know which vulnerabilities are currently exploiting.

"Adobe has released security updates for Adobe Acrobat Writer and Reader for Windows and MacOS. These updates address critical and significant application vulnerabilities. Successfully exploiting them could lead to arbitrary code execution within the current user. “

The majority of vulnerabilities (84 repaired altogether) concern the application in Adobe Acrobat of the Adobe application that allows users to create and manage PDF files. 36 has been repaired by major information disclosure weaknesses and 48 unwarranted vulnerabilities that allowed arbitrary code execution.

These errors include:

six out-of-bounds write flaws (CVE-2019-7829, CVE-2019-7825, CVE-2019-7822, CVE-2019-7818, CVE-2019-7804, CVE-2019-7800),

a type of confusion glitch (CVE-2019-7820),
two heap overflow flaws (CVE-2019-7828, CVE-2019-7827),
a buffer error bug (CVE-2019-7824)
a double free vulnerability (CVE-2019-7784)
and one bypass (CVE-2019-7779).

Here are the versions of Acrobat Writer and Reader. If you are using any of the following products, please let me know immediately.

adobe

Adobe Flash Player, meanwhile, has a critical use-after-free vulnerability that could allow arbitrary code execution "within the current user" in affected systems. The defect was reported anonymously through the Trend Micro Zero Day Initiative.

CVE-2019-7837 exists in Adobe Flash Player for Desktop Runtime, Google Chrome, Edge and Internet 11 (version 32.0.0.171 and earlier). Those who use these apps should be notified immediately in the version 32.0.0.192.

Finally, there are two flaws in the 13.0.2 version of Adobe Media Encoder, a product that allows users to easily encode audio and video in various formats.

The product has a critical use-after-free glitch (CVE-2019-7842) that could allow remote code execution, as well as an important information disclosure gap (CVE-2019-7844).

If you use the application, it would be best to update Media Encoder to 13.1. On Trend Micro revealed.

____________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).