It was a poor Patch Tuesday this month for Adobe that only addressed a moderate severity regression issue affecting Flash Player tracked as CVE-2017-11305.
The vulnerability was described as a “business logic error,” that can cause the unintended reset of the global settings preference file.
“Adobe has released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. This update addresses a regression that could lead to the unintended reset of the global settings preference file.” reads the Adobe Security Bulletin.
According to the company, there is no evidence of exploitation in the wild.
The regression issue affects version 22.214.171.124 and earlier of Flash Player on Windows, Mac, Linux and Chrome OS. Adobe patched the flaw with the release of version 126.96.36.199. Microsoft has also updated the Flash Player components used by its software in order to address this issue.
In November, Adobe addressed a total of 80 vulnerabilities across 9 products, most of which for Acrobat and Reader, including dozens of RCE issues.
(Security Affairs – Adobe Adobe Flash, hacking)