Adobe Patches 85 Vulnerabilities in Acrobat Products
Acrobat DC and Acrobat Reader DC (Continuous) 2019.008.20071, Acrobat 2017 and Reader DC 2017 (Classic 2017) 2017.011.30105, and Acrobat DC and Reader DC (Classic 2015) 2015.006.30456 patch a total of 85 flaws. The list includes 22 out-of-bounds write issues, 7 heap overflows, 7 use-after-free bugs, 3 type confusion issues, one double-free bug, 3 buffer errors,…
A new age of digital signatures is upon us
The increased adoption of digital signatures should not come as a surprise: many businesses are trying to digitalise their everyday processes, and digital signatures are both reliable and secure due to several features, and are increasingly easy to use. The term “digital signature” is often used interchangeably with that of “electronic signature”, but they are…
Over a Dozen Code Execution Flaws Patched in Flash Player
Adobe on Tuesday released security updates that address two dozen vulnerabilities in Flash Player, Digital Editions and the Campaigns marketing tool, but none of the flaws have been exploited in the wild. Flash Player 24.0.0.221 patches 13 critical vulnerabilities that can be exploited for arbitrary code execution, including type confusion, integer overflow, use-after-free, heap buffer…
BrandPost: Are the Adobe Flash Vulnerabilities Leaving You Feeling Scared?
Based on an analysis in 2015 of over 100 exploit kits (EKs) and known vulnerabilities, Adobe Flash was the unfortunate winner of the most frequently exploited product. Now that it’s 2017, companies are joking that maybe it’s time to give Flash the old heave ho’ to retirement. While Adobe has worked tirelessly to make Flash more…
The November 2016 Security Update Review
Adobe released two updates this month. The more critical of the two patches addresses nine CVEs in the Flash player. This comes just two weeks after Adobe issued an emergency Flash update to fix an issue currently being exploited. We’ll see this exploit later in a Windows update, too. Today’s Flash update is not being…
Flash zero-day being exploited in targeted attacks
A newly discovered zero-day vulnerability in Adobe Flash Player is being exploited by attackers in the wild. Adobe released a Security Bulletin (APSB16-36) yesterday which patches the vulnerability (CVE-2016-7855). The critical vulnerability affects Adobe Flash Player 23.0.0.185 and earlier versions for the following operating systems: Windows Mac Linux Chrome OS According to Adobe, an exploit…
Adobe Rushes Out Emergency Patch For Critical Flash Player Vulnerability
As it has numerous times in the past, Adobe this week rushed out an emergency patch to fix a critical vulnerability in its Flash Player software that would have let attackers take complete control of a vulnerable system. An exploit for the vulnerability is available in the wild and is already being used in attacks…