Adobe warns Windows, macOS — Critical Acrobat and Reader vulnerabilities

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,312
Content source
https://threatpost.com/adobe-windows-macos-critical-acrobat-reader-flaws/160903/
Adobe has fixed critical-severity flaws tied to four CVEs in the Windows and macOS versions of its Acrobat and Reader family of application software services. The vulnerabilities could be exploited to execute arbitrary code on affected products.

These critical flaws include a heap-based buffer overflow (CVE-2020-24435), out-of-bounds write glitch (CVE-2020-24436) and two use-after free flaws (CVE-2020-24430 and CVE-2020-24437). The bugs are part of Adobe’s regularly scheduled patches, which overall patched critical-, important- and moderate-severity vulnerabilities tied to 14 CVEs.

Typically Adobe releases its regularly scheduled updates on the second Tuesday of the month. However, “While Adobe strives to release regularly scheduled updates on update Tuesday, occasionally those regularly scheduled security updates are released on non-update Tuesday dates,” an Adobe spokesperson said. “The November 2020 release of Adobe Reader and Acrobat is a standard product release that includes new product features as well as fixes for bugs and security vulnerabilities.”
Click to expand...
threatpost.com

Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws

The critical-severity Adobe Acrobat and Reader vulnerabilities could enable arbitrary code execution and are part of a 14-CVE patch update.
threatpost.com threatpost.com
 
  • Like
  • +Reputation
  • Thanks
Reactions: Cortex, [correlate], ForgottenSeer 85179 and 5 others
[correlate]

[correlate]

Level 18
Verified
Top Poster
Well-known
May 4, 2019
825
Adobe, the maker of the once-ubiquitous Flash Player, has removed all Flash components in the latest release of its Reader and Acrobat PDF products ahead of Flash's official death in December 2020.
The company's update also contains patches for several critical security flaws that should make the November release imperative for admins to install.
Click to expand...
www.zdnet.com

Adobe kills Flash in Acrobat and Reader – pushes out these critical security bug fixes

Adobe officially deprecates all Flash components in its popular PDF products and fixes critical security flaws.
www.zdnet.com www.zdnet.com
 
  • Like
  • Applause
Reactions: Cortex, Gandalf_The_Grey, silversurfer and 4 others
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability
Replies
0
Views
1,422
News Archive
silversurfer
silversurfer
Gandalf_The_Grey
    • +Reputation
    • Like
Security News ZDI: The November 2024 Security Update Review
Replies
2
Views
516
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
Security News ZDI: The October 2024 Security Update Review
Replies
2
Views
1,603
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top