Acrobat, Reader, Flash, Creative Cloud Patched
Friday, October 14, 2016 @ 04:10 PM gHale
Adobe released security updates that fix vulnerabilities in Acrobat, Reader, Flash and the Creative Cloud Desktop Application.
Adobe addressed a dozen critical vulnerabilities affecting the Windows, Mac, Linux and Chrome OS versions of Flash Player.
The issues include a security bypass vulnerability and various memory issues that could lead to arbitrary code execution.
Independent researchers and experts from Tencent, CloverSec Labs, COSIG and Palo Alto Networks reported the Flash Player vulnerabilities, which ended up assigned a priority rating of “1.”
The company fixed 71 critical vulnerabilities in Adobe Acrobat and Reader, although these ended up rated a level “2” priority, which makes them less likely to suffer from exploitation.
Adobe has credited researchers from Palo Alto Networks, Fortinet, the Nanyang Technological University, FireEye, ZDI, Clarified Security and Source Incite for reporting these flaws.
Adobe also released a security update for its Creative Cloud Desktop Application for Windows. The update fixes an unquoted search path vulnerability that could lead to local privilege escalation.