Adobe Patches Security Issues
Thursday, March 10, 2016 @ 03:03 PM gHale
After Adobe pre-released flaws in some of its products, it officially issued updates for Acrobat, Reader and Digital Editions.
With the release of Acrobat and Reader versions 15.010.20060, 15.006.30121 and 11.0.15 for Windows and Mac, Adobe fixed three flaws, including memory corruption issues and a directory search path bug.
All of those problems could end up leveraged to execute arbitrary code.
Adobe has credited AbdulAziz Hariri and Jasiel Spelman of the Zero Day Initiative, and Jaanus Kp of Clarified Security for responsibly disclosing the vulnerabilities in Reader and Acrobat.
Adobe updated Digital Editions eReader software for Windows, Mac, Android and iOS versions to 4.5.1 in order to fix a critical memory corruption vulnerability that could lead to code execution. The hole, reported by Pier-Luc Maltais of COSIG, affects version 4.5.0 and earlier of the product.
Adobe said there is no evidence the Acrobat, Reader and Digital Editions flaws patched this week ended up exploited for malicious purposes.