Patch/Configuration Management, Vulnerability Management

Adobe plugs critical bugs in Reader, Acrobat and Flash Player


On Tuesday, Adobe patched dozens of critical vulnerabilities affecting Flash Player, Reader and Acrobat.

Flash Player updates for Windows, Macintosh and Linux users resolved 18 unique bugs, an Adobe security bulletin revealed, including four memory corruption vulnerabilities and a heap overflow vulnerability that could lead to code execution. An integer overflow bug, type confusion vulnerability and use-after-free vulnerability were also among the plugged holes, which could allow code execution if left open.

Fixes for 34 bugs in Adobe Reader and Acrobat were also addressed on Tuesday, according to a separate bulletin published that day. The updates for Windows and Macintosh platforms had a priority rating of 1, the most severe in Adobe's Priority Rating System. Most of the vulnerabilities resolved were memory corruption and use-after-free vulnerabilities that could lead to code execution, and holes that could allow attackers to bypass restrictions on Javascript API execution.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.