Adobe Patch Tuesday updates for May 2019 address a critical flaw in Flash Player and more than 80 vulnerabilities in Acrobat products.
Adobe Patch Tuesday updates for May 2019 address a total of 84 vulnerabilities in Acrobat and Acrobat Reader products for Windows and macOS.
The tech company addressed many critical vulnerabilities in its products, including heap overflow, buffer error, double free, use-after-free, type confusion, and out-of-bounds write issues that can be exploited to execute arbitrary code on vulnerable systems.
The list of vulnerabilities addressed by Adobe also includes several out-of-bounds read issues that can lead to information disclosure.
The good news is that none of the vulnerabilities patched by Adobe Patch Tuesday updates for May 2019 has been exploited in attacks in the wild. According to the priority ratings assigned by Adobe to the flaws, the risk of exploitation in the near future is low.
Adobe fixed a critical use-after-free vulnerability in Flash Player that can be exploited to execute arbitrary code in the context of the targeted user.
The issue tracked as CVE-2019-7837 affects Windows, macOS, Linux, and Chrome OS versions of the popular software. The vulnerability was reported to Adobe by an anonymous researcher via Trend Micro’s Zero Day Initiative (ZDI).
Adobe also fixed a critical file parsing vulnerability that can lead to remote code execution.
Adobe also released Media Encoder version 13.1 that addresses two security vulnerabilities, a critical issue tracked as CVE-2019-7842 that can leads to remote code execution and an information disclosure flaw.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.