HomeWinBuzzer NewsAdobe Issues Patch for 68 Critical and Important Flaws

Adobe Issues Patch for 68 Critical and Important Flaws

Adobe has rolled out its monthly patch for Acrobat and Reader, with 45 flaws deemed critical and 23 rated as important.

-

has announced an important patch for its Acrobat and Reader solutions and is advising users to update ASAP. Both products are receiving a batch of bug fixes. In total, 45 critical flaws and 23 important flaws have been shored up in this release.

According to Adobe, the updates are available on Windows and macOS versions of Acrobat DC, Acrobat Reader DC, Acrobat 2017, Reader 2017, Acrobat 2015 and Reader 2015. Looking at the critical flaws, the company says they would give bad actors the ability to run arbitrary code executions on the services.

“Successful exploitation could lead to arbitrary code execution in the context of the current user,” the software giant warns.

Adobe's monthly patch is later than normal. The company typically patches its services to coincide with 's Patch Tuesday. However, Microsoft rolled out its October Patch Tuesday a week ago.

Luckily, Adobe has confirmed none of the 68 flaws that were patched have been exploited in the wild. Still, as usual the company is telling users to update as soon as possible to avoid problems down the road.

One Problem

Adobe does say there is another important Reader flaw. Specifically, the Download Manage, which is used to help download Reader and Flash Player on Windows. The company says the feature was sending insecure file permissions which could give hackers more system privileges.

“Successful exploitation could result in unauthorized access to the AEM environment,” Adobe notes.

Intune Integration

Back in September, Microsoft and Adobe announced Microsoft Intune now integrates with Reader. On iOS and Android, Intune's application protection is enabled without the need for additional software.

“Anyone using the latest version of the standard Acrobat Reader app will now have the industry-leading protection of Intune when handling their corporate documents and forms on mobile devices,” explained Microsoft CVP Brad Anderson in a blog post.

SourceAdobe
Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News