Adobe Patches Several Critical Security Vulnerabilities in Today’s Patch Tuesday

Feb 12
11Shares
Submit

Adobe has released Patch Tuesday security updates to its products. The updates bring patches to Flash Player, Acrobat and Reader, ColdFusion, and Creative Cloud. One of the zero-day bugs was discovered and reported by a researcher earlier that led to data leakage in Reader. The company has now issued a fix for this vulnerability along with other bugs. Tracked as CVE 2019-7089, this data leakage issue could enable an attacker to steal NTML credentials using malicious PDF files without needing any user interaction.

Other bugs that have been fixed include several critical arbitrary code execution, privilege escalation, and information disclosure flaws. In total, Adobe has delivered fixes for 71 security vulnerabilities in Acrobat and Reader products, many of them rated critical.

Related A Full-Fledged Version Of Photoshop CC Is Coming To The iPad In 2019 – Check Out The Preview

The company has recommended users to update Acrobat DC and Acrobat Reader DC to version 2019.010.20091; Acrobat 2017 and Acrobat Reader DC 2017 to version 2017.011.30120, and Acrobat DC Classic 2015 to version 2015.006.30475 on their Windows and macOS machines. While these updates should install automatically without requiring your interaction, you can also manually install them by heading over to Help > Check for Updates. More details are available here.

Updates are also available for Adobe Flash Player

The software maker has also delivered security updates for Adobe Flash Player for Windows, macOS, Linux, and Chrome OS. Today’s update address one  important  vulnerability in Flash Player, with the company saying that the successful exploitation of this bug (tracked as CVE-2019-7090) “could lead to  information disclosure  in the context of the current user.  ”

Version 32.0.0.142 is now available for Windows, macOS, Linux, and Chrome OS. Adobe has acknowledged Trend Micro Zero Day Initiative for the discovery and disclosure of this security vulnerability. More details available here.

– For details of security updates being delivered to other Adobe products, check out the official security bulletin

Submit