Across the Board Fixes for Adobe
Wednesday, April 12, 2017 @ 08:04 AM gHale
Adobe issued its Tuesday patch release with Flash Player leading the pack with its seven updates.
In all, Adobe issued five security bulletins for 58 vulnerabilities, all but two fell into the critical category.
Adobe listed seven critical updates for the Windows, Mac, Linux and Chrome versions of Flash Player, four of which resolve use-after-free vulnerabilities that could lead to code execution. Three others mitigate memory corruption issues that can also lead to code execution.
Another chunk of updates handle issues with Adobe Acrobat and Reader. The 47 critical flaws cited are for the Windows and Macintosh versions of the software. If left unpatched and exploited, the bugs could lead to code execution or a memory address leak.
Adobe’s Photoshop had two problems. One resolves a memory corruption vulnerability when parsing malicious PCX files that could lead to code execution, while the second update resolves an unquoted search path vulnerability in Photoshop on Windows.
The final Adobe product receiving a fix is the Creative Cloud Desktop Application. These vulnerabilities are important, but not critical. They resolve a vulnerability related to the use of improper resources permissions during the software’s installation in the former. The latter instance relates to the directory search path used to find resources that could lead to code execution.
Leave a Reply
You must be logged in to post a comment.