85 Adobe updates for Patch Tuesday

News by Doug Olenick

Adobe had a jumbo-sized May Patch Tuesday that addressed 85 vulnerabilities in just two products, including 49 rated as critical, including a critical patch for Flash Player.

Adobe had a jumbo-sized May Patch Tuesday that addressed 85 vulnerabilities in just two products, including 49 rated as critical, including a critical patch for Flash Player.

The Flash Player advisory covered CVE-2019-7837, a use after free flaw that could lead to arbitrary code execution in Flash Player for Windows, macOS, Linux and ChromeOS.

The critical issues addressed by Adobe’s advisory were found in Adobe Acrobat and Reader for Windows and macOS and were classified as out-of-bounds write, type confusion, use after free, heap overflow, buffer error, double free and security bypass flaws. All of these can lead to remote code execution, if exploited.

The 36 vulnerabilities rated as important are all centered on an out-of-bounds read issue that could lead to information disclosure,?if exploited.

Adobe said that none of the critical or important vulnerabilities are being exploited in the wild. Patches are available and should download automatically.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop