Patch/Configuration Management, Vulnerability Management

Adobe patches critical Flash, Reader and Acrobat vulnerabilities

Adobe released updates to Flash, AIR, Reader and Acrobat on Tuesday, as well as for earlier versions on Windows and Macintosh (and Linux, for Flash) operating systems, to address vulnerabilities that can cause crashes and allow attackers to take control of affected computers.

The Flash and AIR updates resolve vulnerabilities that could be used to bypass Flash Player security protections, according to an Adobe release, as well as resolve an address leak issue that could "defeat memory address layout randomization."

The Reader and Acrobat patches address memory corruption flaws that could lead to code execution, as well as resolve a "use-after-free" vulnerability that could also lead to code execution.

The company considers most of these vulnerabilities to be critical, meaning the exploits are actively being targeted and should be patched immediately.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.