Industry News & Analysis Vulnerabilities

Adobe Patches Flash, Reader Flaws

Adobe released security updates for several of its products on Tuesday to address a total of 59 vulnerabilities, including flaws disclosed last month at the Pwn2Own 2017 hacking competition.

A majority of the security holes, 47 to be precise, have been patched in the Windows and Mac versions of Adobe Acrobat and Reader. The vulnerabilities, rated critical with a priority rating of 2, have been described as memory corruptions that could lead to arbitrary code execution or memory address leaks.

Seven critical vulnerabilities have been patched in Adobe Flash Player. The security holes are use-after-free and memory corruption issues that could lead to code execution.

Many of the flaws patched on Tuesday were reported to Adobe via Trend Micro’s Zero Day Initiative (ZDI), including several Reader and Flash Player vulnerabilities disclosed at ZDI’s Pwn2Own competition.

ZDI has published five advisories detailing the Pwn2Own security holes tracked as CVE-2017-3062, CVE-2017-3063, CVE-2017-3055, CVE-2017-3056 and CVE-2017-3057.

Adobe has also resolved vulnerabilities in Photoshop CC for Mac and Windows, Campaign, and the Creative Cloud Desktop Application for Windows. The company has found no evidence of exploitation in the wild.


Related posts

Samsung Launches Security Solution for Smart TVs


Latest Version of Red Hat Software Collections Available Now


Several DoS Vulnerabilities Patched in NTP