Adobe’s eight Patch Tuesday updates addressed a multitude of flaws – including 76 in Acrobat and Acrobat Reader that were rated important as well as several in Creative Cloud and Experience Manager rated critical.
Successful exploitation of the Acrobat and Acrobat Reader vulnerabilities “could lead to arbitrary code execution in the context of the current user,” according to an Adobe Security Bulletin.
“There are updates for the Continuous, Classic 2015, and Classic 2017 versions of the products,” noted Chris Goettl, director of product management, Security, at Ivanti. “There was also a non-security update for Flash, but it was not included with the release from Microsoft.”
Arbitrary code execution is also a concern for Adobe Photoshop for both Windows and Mac, for which Adobe patched 22 critical vulnerabilities such as type confusion flaws and command injection.
“The temperatures may be high this late in the summer, but I mentioned earlier not to kick back in that lawn chair and relax just yet,” said Goettl. “With a light patch load this month, it may be a good time to revisit the asset inventory of systems you are patching.”