Recently, Adobe launched a number of cybersecurity patches for Acrobat and Reader, addressing a total of 41 vulnerabilities, 17 of which are considered critical. The company states that some of these could even grant an attacker full control over one’s system.
This is not only relevant for Microsoft Windows users, but Mac users too, as the vulnerabilities affect both operating systems. Reportedly, this matters if you’re running the 2017 version of the above-mentioned Adobe programs or an earlier one.
One of the exploits that has been patched involved fixing a critical security mitigation bypass. This exploit could lead to privilege escalation. Another exploit has to do with a number of heap overflow bugs, the exploitation of which would allow for arbitrary code execution.
Out-of-bounds write bugs were also on the list, but have now been fixed. They were problematic due to allowing remote code execution.
In other news, Adobe Experience Manager also received a couple of cybersecurity updates, which touch upon a cross-site scripting vulnerability and the Apache Sling XSS protection API. Both allowed for unwanted sensitive data leakage, which is no longer possible.
These updates were made thanks to the efforts of several cybersecurity researchers, including Trend Micro’s Zero Day Initiative, Cisco Talos, and Xuanwu Lab.
It cannot be stressed enough: if you use the above-mentioned software, you are encouraged to update as soon as you can. By doing so, you increase your protection from becoming a target of hackers who would gladly take advantage of these vulnerabilities.