Adobe has released security updates to address 86 vulnerabilities affecting Mac and Windows version of Adobe Acrobat and Adobe Reader. The security updates fix 47 vulnerabilities classified as ‘critical’ and 39 flaws classified as ‘important’.
“Adobe has released security updates for Adobe Acrobat and Reader for Windows and MacOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.” reads the security advisory published by Adobe.
46 critical vulnerabilities could be exploited by attackers to execute arbitrary code on the vulnerable systems, the remaining one is a privileges escalation bug. All the 39 flaws classified as ‘important’ are information disclosure.
Users can update their installations manually by choosing Help > Check for Updates, the full Acrobat Reader installer can be downloaded from the Acrobat Reader Download Center.
Adobe Acrobat and Adobe Reader users should install the latest versions as soon as possible (Acrobat DC and Acrobat Reader DC version 2019.008.20071, Acrobat 2017 and Acrobat Reader DC version 2017.011.30105, Acrobat DC 2015 and Acrobat Reader DC 2015 versions 2015.006.30456).
The security advisory includes the full list of patched vulnerabilities and organizations or experts that reported them,
(Security Affairs – Adobe security updates, arbitrary execution vulnerability)