Leave a comment

13 Adobe security bugs you need to patch now!

13 Adobe security bugs you need to patch now!
© Alexmillos | Dreamstime.com

Another month, another set of security patches for Adobe's Flash Player. Last month, the company issued 13 security patches, 12 that can lead to remote execution. This month, another 13 patches have been issued and Flash users are recommended to update immediately.

Adobe patched 13 high severity vulnerabilities yesterday as part of its monthly Patch/Update Tuesday cycle. All of the flaws can lead to remote code execution due to buffer overflows and memory corruption vulnerabilities in Flash.

CVE-2017-2995 fixes a type confusion vulnerability while CVE-2017-2987 resolves an integer overflow bug.

Four updates (CVE-2017-2982, CVE-2017-2985, CVE-2017-2993, and CVE-2017-2994) are patches for use-after-free vulnerabilities that can lead to code execution.

Three updates (CVE-2017- 2984, CVE-2017-2986, and CVE-2017-2992) fix heap buffer overflow issues and another four (CVE-2017-2988, CVE-2017-2990, CVE-2017-2991, and CVE-2017-2996) resolve memory corruption vulnerabilities, all could lead to code execution.

Adobe said that none of these bugs have been exploited publicly in the wild but recommends that Flash users with version 24.0.0.194 and earlier should update as soon as possible to 24.0.0.221.

Other Adobe updates issued yesterday are nine patches for its eBook reader Adobe Digital Editions that resolve heap buffers overflow exploits and memory leak issues that can lead to code execution. Users of this program should update to version 4.5.4.

Two moderate severity vulnerabilities were also patched in Adobe Campaign for Windows and Linux, addressing a read/write access user exploit and an input validation flaw that could lead to cross-site scripting attacks.

To read Adobe's security bulletin pertaining to the Flash updates, click here.

To read more about the Adobe Digital Edition updates, click here.

For Adobe Campaign, click here.

Update Flash

For Chrome, Internet Explorer 11, and Microsoft Edge browsers, the updates should be applied automatically after a restart. For other browsers, you may need to update the Flash plugin manually.
--> Click here to use our Adobe Flash Update Tool guide for download and install instructions.

The latest Flash Player version for Windows, Mac, Chrome, Microsoft Edge and Internet Explorer 11 and Linux is 24.0.0.221.

More must-read articles:

Time to erase yourself from the internet

Check your security settings before you send another private message

Watch out for these fake @gmail emails!

Next Story
Source: Threatpost
Top Story: Time to erase yourself from the internet
Previous Happening Now

Top Story: Time to erase yourself from the internet

Samsung leaks Galaxy S8 - Is a premium model in the works?
Next Happening Now

Samsung leaks Galaxy S8 - Is a premium model in the works?

View Comments ()