Patch/Configuration Management, Vulnerability Management

Adobe Patch Tuesday updates for Flash Player, Reader, Acrobat and PhotoShop

Adobe's November Patch Tuesday security updates cover an important patch for Flash Player along with similarly rated patches for Acrobat, Reader and Photoshop.

Flash Player and earlier versions for Windows, macOS, Linux and Chrome OS have an out-of-bounds read vulnerability (CVE-2018-15978) that if exploited could lead to information disclosure. Adobe rated it a priority two issue, or important, but noted there are currently no known exploits, the company said in security bulletin APSB18-39.

The Acrobat and Reader vulnerability (CVE-2018-15979) only impacts computers running Windows, Adobe reported in security bulletin APSB18-40. A successful exploit of this leak of the user’s hashed NTLM password and a proof-of-concept of the problem has been published.

Adobe also released a security update for PhotoShop CC fixing an important rated vulnerability that could lead to information disclosure if left unpatched. The issue, CVE- 2018-15980, is not known to be operating in the wild at this time, the company said in security bulletin APSB18-43.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.