Minutes ago, Adobe published this month's batch of security fixes, part of the company's regular Patch Tuesday outing.
For the month of May 2018, Adobe fixed five vulnerabilities — one in Flash Player, three in the Creative Cloud Desktop application (the app that starts Photoshop, Illustrator, InDesign, and the rest of the Creative Cloud apps), and one in Connect, its web conferencing software.
By far, the most dangerous was the Flash Player vulnerability, which allowed for code execution on the user's computer. The good news is that none of these flaws had been exploited in the wild, and recent reports confirm Flash's demise [1, 2].
An important authentication bypass vulnerability (CVE-2018-4994) exists in Adobe Connect versions 9.7.5 and earlier. Successful exploitation of this vulnerability could result in sensitive information disclosure. he latest Adobe Connect version number is now: 9.7.5.