Menu
Adobe patches critical flaws in Flash Player, Reader and Acrobat

Adobe patches critical flaws in Flash Player, Reader and Acrobat

The vast majority of the flaws could allow for remote code execution

Adobe Systems released security updates for its Flash Player, Adobe Reader and Acrobat products fixing critical vulnerabilities that could allow attackers to install malware on computers.

The Flash Player update fixes 13 vulnerabilities, 12 that can lead to remote code execution and one that allows attackers to bypass a security restriction and disclose information. Adobe is not aware of any exploit for these flaws existing in the wild.

Users are advised to upgrade to Flash Player version 24.0.0.194 on Windows, Mac and Linux. The Flash Player plug-in bundled with Google Chrome, Microsoft Edge and Internet Explorer will be automatically upgraded through those browsers' respective update mechanisms.

The Adobe Reader and Acrobat updates address 29 vulnerabilities, 28 of which can lead to arbitrary code execution. Like with the Flash Player flaws, Adobe is not aware of any of these vulnerabilities being exploited by attackers.

The company advises Acrobat and Reader DC users to upgrade to version 15.023.20053 if they use the "continuous" release track or to version 15.006.30279 if they're on the "classic" track. Users of the older, but still supported, Acrobat XI and Reader XI should upgrade to version 11.0.19.

Because of their security sandbox which makes exploits significantly harder to implement, Adobe Reader and Acrobat are rarely targeted by hackers today compared to be some years ago.

However, Flash Player remains a hacker favourite, with zero-day attacks against it being relatively common and with exploits being integrated into widely used Web-based attack tools.


Follow Us

Join the newsletter!

Error: Please check your email address.

Featured

Slideshows

Sizing up the NZ security spectrum - Where's the channel sweet spot?

Sizing up the NZ security spectrum - Where's the channel sweet spot?

From new extortion schemes, outside threats and rising cyber attacks, the art of securing the enterprise has seldom been so complex or challenging. With distance no longer a viable defence, Kiwi businesses are fighting to stay ahead of the security curve. In total, 28 per cent of local businesses faced a cyber attack last year, with the number in New Zealand set to rise in 2017. Yet amidst the sensationalism, media headlines and ongoing high profile breaches, confusion floods the channel, as partners seek strategic methods to combat rising sophistication from attackers. In sizing up the security spectrum, this Reseller News roundtable - in association with F5 Networks, Kaspersky Lab, Tech Data, Sophos and SonicWall - assessed where the channel sweet spot is within the New Zealand channel. Photos by Maria Stefina.

Sizing up the NZ security spectrum - Where's the channel sweet spot?
Show Comments