Across the Board Fixes for Adobe

Wednesday, April 12, 2017 @ 08:04 AM gHale


Adobe issued its Tuesday patch release with Flash Player leading the pack with its seven updates.

In all, Adobe issued five security bulletins for 58 vulnerabilities, all but two fell into the critical category.

RELATED STORIES
Adobe Fixes Flash, Shockwave Holes
Microsoft Issues Flash Patches
Windows 10 Mobile Hole Allows Bypass
Adobe Updates Flash Player

Adobe listed seven critical updates for the Windows, Mac, Linux and Chrome versions of Flash Player, four of which resolve use-after-free vulnerabilities that could lead to code execution. Three others mitigate memory corruption issues that can also lead to code execution.

Another chunk of updates handle issues with Adobe Acrobat and Reader. The 47 critical flaws cited are for the Windows and Macintosh versions of the software. If left unpatched and exploited, the bugs could lead to code execution or a memory address leak.

Adobe’s Photoshop had two problems. One resolves a memory corruption vulnerability when parsing malicious PCX files that could lead to code execution, while the second update resolves an unquoted search path vulnerability in Photoshop on Windows.

The final Adobe product receiving a fix is the Creative Cloud Desktop Application. These vulnerabilities are important, but not critical. They resolve a vulnerability related to the use of improper resources permissions during the software’s installation in the former. The latter instance relates to the directory search path used to find resources that could lead to code execution.



Leave a Reply

You must be logged in to post a comment.