Adobe January Patch Tuesday Updates Released – No Security Updates For Flash!

  • 104
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    104
    Shares

This week, Adobe has  released its very first Patch Tuesday update bundle for the year 2019. The Adobe January Patch Tuesday updates brought fixes for security vulnerabilities in Adobe Digital Editions and Adobe Connect. It has also released patches for Flash Player, but they are not security fixes.

Adobe January Patch Tuesday Updates Rolled-Out

This Tuesday, Adobe has rolled-out scheduled monthly updates for its products. However, this time, it has particularly focused on Adobe Digital Editions and Adobe Connect for security fixes. Besides, the update bundle is relatively smaller, unlike the previous updates that addressed tens of vulnerabilities.

According to the security advisory, Adobe has fixed an important security vulnerability in Adobe Digital Editions. Describing the problem, they stated,

“Successful exploitation could lead to information disclosure in the context of the current user.”

Reportedly, it’s an out of bounds read flaw (CVE-2018-12817) that affected the software version 4.5.9 and earlier for all platforms, i.e., Windows, MacOS, Android and iOS. Users should ensure updating their devices with the patched Adobe Digital Editions version 4.5.10.

In addition to the above, another important vulnerability existed in Adobe Connect that could result in session token exposure. As stated in the advisory, the vulnerability (CVE-2018-19718) could “lead to exposure of privileges granted to a session.”

The vulnerability affected the Adobe Connect versions 9.8.1 and earlier for all platforms. Users should, hence, ensure updating their systems with the patched version 10.1.

No Security Fixes For Adobe Reader, Acrobat And Flash Player

Besides the two security fixes, Adobe have released patches for Flash Player as well addressing performance issues. As described in the Adobe advisory,

“Adobe has released updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS.  These updates address feature and performance bugs, and do not include security fixes.”

The patched Flash Player version 32.0.0.114 has been rolled-out to be downloaded across all platforms.

This time, the update bundle did not address security problems in Adobe Reader or Acrobat. However, the vendors already released security fixes for them in the previous week. The patch addressed two critical vulnerabilities (CVE-2018-16011 and CVE-2018-16018) that could result in arbitrary code execution and privilege escalation respectively.

The following two tabs change content below.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Feel free to leave a comment

Do NOT follow this link or you will be banned from the site!