[German]A brief addendum from this week. Adobe released a series of security updates for products such as Adobe Acrobat DC or Adobe Reader, ColdFusion, Photoshop etc. on December 10, 2019, some of which closes critical vulnerabilities.
Security updates for Adobe Reader/Acrobat DC
According to this Adobe Security Bulletin (APSB19-55) there are critical vulnerabilities in Adobe Reader which will be closed by an update.
- Adobe DC and Acrobat Reader DC up to version 2019.021.20056
- Acrobat 2017 and Acrobat Reader 2017 (up to version 2017.011.30152, or up to version 2017.011.30155 for macOS)
- Acrobat 2015 and Acrobat Reader 2015 (up to version 2015.006.30505)
each in the versions for Windows and macOS. The update for Adobe Acrobat and Reader contains fixes for 14 critical and 7 important vulnerabilities. These errors are caused by out-of-bounds writing, use of free save after a heap overflow, unreliable pointer dereferencing, security bypass, and buffer errors in the software. All critical vulnerabilities lead to arbitrary code execution and / or can lead to disclosure of information or escalation of permissions. See the Adobe Security Bulletin (APSB19-55) for details. There you will also find the download links for the updated versions.
Other Adobe Security Updates
This Adobe site list more security advisories for December 2019 for the following products:
- APSB19-58 Security update available for Adobe ColdFusion
- APSB19-57 Security update available for Brackets
- APSB19-56 Security update available for Adobe Photoshop CC
- APSB19-55 – Security update available for Adobe Acrobat and Reader
On SecPod is an overview what has been fixed on vulnerabilities from Adobe.