Patch/Configuration Management, Vulnerability Management

Adobe Patch Tuesday: fix issues for Zero-day in Flash Player

Adobe rounded out 2016 the same way it rang in 2015, by issuing a slew of patches, including one fixing a zero-day that is currently in the wild and impacting Flash Player.

For Adobe's final Patch Tuesday offering of the year it listed nine security bulletins covering Flash Player, InDesign and ColdFusion Builder, among other applications.

Flash Player alone listed 17 flaws under bulletin APSB16-39 with CVE-2016-7892 existing in the wild and being used in limited, targeted attacks, Adobe said in its security update. It is targeting systems running the 32-bit version of Microsoft's Internet Explorer on Windows.

The remaining Flash Player updates resolve remote code execution, buffer overflow and memory corruption vulnerabilities.

Updates for InDesign, DNG Converter and Animate also fixed what Adobe considers critical issues, mainly memory corruption vulnerabilities.

The remaining issues were all rated as important by the company.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.