Reader, Acrobat, Flash Flaws Fixed

Thursday, January 12, 2017 @ 03:01 PM gHale


Adobe released updates for Acrobat, Reader and Flash Player fixing 42 vulnerabilities.

The updates for Acrobat and Reader versions 11 and 15 fix 29 security holes, some of which could allow an attacker to take control of affected systems.

RELATED STORIES
Small Microsoft Patch Day
Industrial Companies Face Attacks
Corporate Office 365 Phishing Attack
Phishing Site Longevity Shrinking

The list of flaws includes type confusion, use-after-free, heap buffer overflow and other memory corruption bugs that could result in code execution, and a security bypass vulnerability.

The Reader and Acrobat issues came to Adobe by independent researchers and experts working for Clarified Security, Tencent, Source Incite, Fortinet, Cure53 and the Nanyang Technological University.

For Flash Player, version 24.0.0.194 patches 13 critical security holes that can lead to arbitrary code execution or information disclosure. Independent researcher Khalil Zhani and researchers from Microsoft, Google, Tencent, COSIG and Fortinet sent the vulnerabilities to Adobe.

Adobe said as of now there is no evidence attackers exploited any of the vulnerabilities.



Leave a Reply

You must be logged in to post a comment.