Patch/Configuration Management, Vulnerability Management

Adobe’s Patch Tuesday update handles four vulnerabilities

Adobe today issued two bulletins containing four patches for the company's Digital Editions, Acrobat and Reader product lines and said a update for Flash is scheduled in a few days.

The first bulletin, APSB16-06, is for 4.5.0 and earlier versions of Adobe Digital Editions for Windows, Mac, iOS and Android. The patch fixes a critical memory corruption vulnerability that could lead to code execution.

The second bulletin, APSB16-09, fixes three vulnerabilities found in Windows and Macintosh on various versions of Acrobat DC and Reader DC, along with Acrobat XI and Reader XI. The issues are rated critical by Adobe and if left unpatched could allow an attacker to take control of the affected system.

The company noted none of these issues has been spotted in the wild.

The delay in rolling out the latest patches for Flash Player were considered a positive by at least one industry executive.

“Adobe's delay in releasing new patches for flash this cycle is curious, but not surprising. I think I speak for the entire online community when I say "I'd rather have them take a few extra days to make sure that they're getting it right," Bobby Kuzma, CISSP, systems engineer at Core Security told SCMagazine.com in an email Tuesday.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds