Adobe’s scheduled updates for April 2019 have now rolled out. Allegedly, this replace brings fixes for a number of safety vulnerabilities in Adobe Reader, Flash, and quite a few different merchandise. The Adobe April Patch Tuesday updates are vital in that they tackle quite a few crucial safety flaws.
Adobe Merchandise Flooded With A number of Safety Vulnerabilities
Adobe Patch Tuesday replace bundle targeted on fixing a number of crucial safety vulnerabilities in several Adobe merchandise. Here’s a breakdown of the patches.
With April updates, Adobe fastened a number of flaws in Adobe Reader and Acrobat DC. The updates particularly fastened 11 crucial and 10 vital vulnerabilities affecting Adobe Reader and Acrobat for Home windows and MacOS.
As defined of their advisory, the crucial ones included 5 out-of-bounds write vulnerabilities, 2 kind confusion flaws, 2 use after free flaws, and a couple of heap overflow bugs. All of those may result in arbitrary code execution upon profitable exploitation. Whereas, the vital flaws embody 10 out-of-bounds learn vulnerabilities that might end in data disclosure. Adobe launched the patches within the following software program variations.
- Acrobat DC and Acrobat Reader DC (steady observe) model 2019.010.20099
- Adobe Acrobat 2017 and Acrobat Reader DC 2017 (Basic 2017) model 2017.011.30138
- Acrobat DC and Acrobat Reader DC (Basic 2015) model 2015.006.30493
As well as, Adobe rolled-out fixes for Adobe Shockwave Participant for Home windows with model 12.3.5.205. As talked about of their advisory, the brand new software program model patches 7 crucial reminiscence corruption vulnerabilities. Upon exploit by an attacker, all of those may end in arbitrary code execution.
Adobe additionally fastened eight safety flaws in Adobe Bridge CC for Home windows and MacOS with model 9.0.3. These embody 2 totally different crucial distant code execution flaws, and 6 vital data disclosure vulnerabilities. Adobe has described these flaws in its advisory.
Different Fixes In Adobe April Patch Tuesday
Aside from the above-mentioned merchandise carrying a number of fixes, Adobe Patch Tuesday for April additionally addresses different merchandise with lesser vulnerabilities. These embody 2 crucial path traversal vulnerabilities in Adobe XD for MacOS. Exploiting these flaws may end in arbitrary code execution.
Furthermore, the replace additionally addressed a crucial arbitrary code execution and an vital data disclosure flaw in Adobe Flash Player, a crucial unsafe hyperlink processing flaw in Adobe InDesign resulting in arbitrary code execution, an vital saved cross-site scripting vulnerability disclosing delicate data in Adobe Experience Manager Forms, and a moderate-severity insecure protocol implementation bug in Adobe Dreamweaver.
The latest updates, in contrast to March Patch Tuesday, didn’t tackle any flaws in Adobe Photoshop and Digital Editions. Within the earlier month, Adobe launched a shorter replace with patches for less than two vulnerabilities.
