Adobe rounded out 2016 the same way it rang in 2015, by issuing a slew of patches, including one fixing a zero-day that is currently in the wild and impacting Flash Player.
For Adobe’s final Patch Tuesday offering of the year it listed nine security bulletins covering Flash Player, InDesign and ColdFusion Builder, among other applications.
Flash Player alone listed 17 flaws under bulletin APSB16-39 with CVE-2016-7892 existing in the wild and being used in limited, targeted attacks, Adobe said in its security update. It is targeting systems running the 32-bit version of Microsoft’s Internet Explorer on Windows.
The remaining Flash Player updates resolve remote code execution, buffer overflow and memory corruption vulnerabilities.
Updates for InDesign, DNG Converter and Animate also fixed what Adobe considers critical issues, mainly memory corruption vulnerabilities.
The remaining issues were all rated as important by the company.