Multiple Vulnerabilities in Adobe Acrobat & Reader Could Allow for Arbitrary Code Execution
Adobe released its October Security Update which contains multiple vulnerability advisories in October covering Adobe Experience Manager, Adobe Download Manager, Acrobat DC and Acrobat Reader DC.
Adobe released its pre-announced out-of-band security updates to patch a total of 82 security vulnerabilities across various Adobe products. The most severe flaws include 45 critical vulnerabilities that have been discovered in Adobe Acrobat and Adobe Reader, the most severe of which could allow for arbitrary code execution.
Adobe Acrobat and Reader allow a user to view, create, manipulate, print and manage files in Portable Document Format (PDF). Successful exploitation of the most severe of these vulnerabilities could result in the attacker gaining control of the affected system. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- APSB19-48 - Security updates available for Adobe Experience Manager
- APSB19-49 - Security updates available for Adobe Acrobat and Reader
- APSB19-50 - Security updates available for Adobe Experience Manager Forms
- APSB19-51 - Security Updates Available for Adobe Download Manager
Run the Adobe Security Update Audit Report
Since Adobe software is frequently used in corporate environments, it is important to keep these software packages up to date to prevent any security risks. We've created an Adobe Audit Report which checks if the assets in your network are on the latest Adobe patch update. It gives you an easy and quick overview of which assets are up-to-date, and which ones still need to be patched. All admins are advised to install these security updates as soon as possible.
If you haven't already, start your free trial of Lansweeper to run the Adobe Security Update Report.