In a massive patch update on Tuesday, Adobe released security patches for 87 vulnerabilities in four of its products – Adobe Acrobat, Adobe Reader, Adobe Flash Player, and Adobe Media Encoder. As many as 84 of the 87 patches address vulnerabilities in Acrobat and Reader. Of these, 36 fall in the “information disclosure” category (rated important) while 48 are critical “arbitrary code execution” vulnerabilities. The critical flaws include 36 use-after-free vulnerabilities, 6 out-of-bounds write flaws, 1 type-confusion flaw, 2 heap-overflow flaws, 1 buffer-error bug, 1 double-free vulnerability and 1 security-bypass flaw. The remaining 3 of the 87 patches cover vulnerabilities in Flash Player and Media Encoder. Users of the affected products have been urged to update to the latest versions, with a priority update rating of “2”. A priority rating of “2” indicates that the given update resolves vulnerabilities in a product that has historically been at elevated risk and that there are currently no known exploits.
For more information on the security patches head to Adobe’s website.
Adobe Security Bulletin for Acrobat and Reader:-
Adobe Security Bulletin for Flash Player:-
Adobe Security Bulletin for Media Encoder:-