Adobe’s September Patch Tuesday releases included two “critical” Flash Player updates along with a single “important “one for Adobe Application Manager (Installer).
The Flash patches are for Adobe Flash Player Desktop Runtime, for Google Chrome and for Microsoft Edge and Internet Explorer 11 fixing the arbitrary code execution vulnerabilities covered by CVE-2019-8070 (use after free) and CVE-2019-8069 (same origin method execution).
Adobe reported that neither have been spotted in the wild.
The Application Manager important-rated problem, CVE-2019-8076, resolves an insecure library loading vulnerability in the installer that if exploited could lead to Arbitrary Code Execution. The vulnerability has not been seen in the wild.