Adobe fixed 81 security flaws in its products


Adobe has issued security updates to patch security vulnerabilities in products such as Flash Player, Acrobat and Reader, Experience Manager (enterprise CMS), and Digital Editions (e-book reader).

The company has issued security updates for Flash Player for Windows, Mac, Linux and Chrome OS, fixing only two vulnerabilities. Adobe has addressed a critical type confusion vulnerability that could lead to code execution and an important security bypass vulnerability that could lead to information disclosure.

Adobe also fixed over 60 vulnerabilities in Adobe Reader and Acrobat for Windows and Mac, including critical memory corruption, use-after-free, and type confusion flaws.

CVE-2017-11274 (Buffer Overflow) and CVE-2017-11272 (XML External Entity Parsing) are the most critical flaws; both have been described as critical remote code execution and information disclosure weaknesses.

Adobe said that it is not aware of any of these vulnerabilities being exploited in the wild. The company recently stated that it has decided to end support for Flash Player by the end of 2020. Flash Player has been riddled with security vulnerabilities over the past decade, and it has been the favourite target of malvertising and cyber-espionage campaigns for years.

The company recommends that users update their software to the latest versions as soon as possible.


Eslam Medhat

is a professional pen-tester with over 9 years of IT experience bringing a strong background in programming languages and application security, ranging from network and system administration to exploit research and development. He reported various vulnerabilities for high profile companies and vendors and was successfully acknowledged by them.
