Adobe Plugs Security Holes in Acrobat, Reader Software
Residence › Endpoint Safety
Adobe Plugs Safety Holes in Acrobat, Reader Software program
By Ryan Naraine on January 10, 2023
Tweet
Software program maker Adobe has rolled out its first batch of safety patches for 2023 with fixes for at the least 29 safety vulnerabilities in a variety of enterprise-facing merchandise.
Essentially the most distinguished replace, for the broadly deployed Adobe Acrobat and Reader software program, fixes critical-severity flaws that expose Home windows and macOS customers to code execution assaults.
In keeping with an advisory from Adobe’s PSIRT, the safety points have an effect on Acrobat DC, Acrobat Reader DC, Acrobat 2020 and Acrobat Reader 2020.
“These updates handle important and necessary vulnerabilities. Profitable exploitation might result in software denial-of-service, arbitrary code execution, privilege escalation and reminiscence leak,” Adobe stated.
The corporate documented 15 distinct safety flaws within the Acrobat and Reader software program and urged customers to use the accessible updates instantly.
Adobe additionally rolled out fixes for critical-rated flaws within the Adobe InDesign product, warning that profitable exploitation might result in arbitrary code execution, software denial-of-service and reminiscence leaks.
The six documented Adobe InDesign vulnerabilities have an effect on customers on each Home windows and macOS platforms.
Adobe’s Patch Tuesday rollout additionally consists of patches for critical flaws in Adobe InCopy and Adobe Dimension. These flaws might expose Home windows and macOS customers to arbitrary code execution and reminiscence leaks.
The corporate stated it was not conscious of any exploits within the wild for any of the problems addressed on this batch of updates.
Associated: Zoom Patches Excessive Danger Flaws on Home windows, MacOS Platforms
Associated: ICS Patch Tuesday Debuts With Warnings From Siemens, Schneider
Associated: GitHub Introduces Automated Vulnerability Scanning Function
Get the Each day Briefing
- Most Current
- Most Learn
- Microsoft Patch Tuesday: 97 Home windows Vulns, 1 Exploited Zero-Day
- Intel Provides TDX to Confidential Computing Portfolio With Launch of 4th Gen Xeon Processors
- Adobe Plugs Safety Holes in Acrobat, Reader Software program
- Zoom Patches Excessive Danger Flaws on Home windows, MacOS Platforms
- 2023 ICS Patch Tuesday Debuts With 12 Safety Advisories From Siemens, Schneider
- Vulnerability in Well-liked JsonWebToken Open Supply Venture Results in Code Execution
- GitHub Introduces Automated Vulnerability Scanning Function
- PyPI Customers Focused With PoweRAT Malware
- Iowa’s Largest Metropolis Cancels Lessons As a consequence of Cyber Assault
- How Will a Recession Will Have an effect on CISOs?
On the lookout for Malware in All of the Fallacious Locations?
First Step For The Web’s subsequent 25 years: Including Safety to the DNS
Tattle Story: What Your Pc Says About You
Be in a Place to Act By means of Cyber Situational Consciousness
Report Reveals Closely Regulated Industries Letting Social Networking Apps Run Rampant
2010, A Nice Yr To Be a Scammer.
Do not Let DNS be Your Single Level of Failure
Easy methods to Determine Malware in a Blink
Defining and Debating Cyber Warfare
The 5 A’s that Make Cybercrime so Enticing
Easy methods to Defend In opposition to DDoS Assaults
Safety Budgets Not in Line with Threats
Anycast – Three Causes Why Your DNS Community Ought to Use It
The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Pondering Organizations
Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise