Security Experts:

Adobe: Critical Flaws in Reader, Acrobat, Illustrator

Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application.

The Mountain View, Calif.-based Adobe urged Windows and macOS users to treat the PDF Reader patch with the utmost priority, because the flaws expose machines to remote code execution and privilege escalation attacks.

The Acrobat and Reader update patches at least 19 documented vulnerabilities, all carrying the “critical” or “important” security ratings. 

”Successful exploitation could lead to arbitrary code execution in the context of the current user,” Adobe warned, noting that most of the flaws are memory safety issues.

In addition to the Acrobat and Reader patches, Adobe also provided cover for another 10 documented flaws in products in Adobe Illustrator, Adobe Framemaker, Adobe Dimension and Adobe Bridge.

Here’s the full list of advisories released on Tuesday:

Adobe said it was not aware of any public exploits targeting any of the security defects.

Related: Adobe: Windows Users Hit by PDF Reader Zero-Day

Related: Adobe Patches Reader Vulnerability Exploited in the Wild

Related: Adobe Patches Major Security Flaws in PDF Reader, Photoshop

view counter
Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. Ryan is a veteran cybersecurity strategist who has built security engagement programs at major global brands, including Intel Corp., Bishop Fox and GReAT. He is a co-founder of Threatpost and the global SAS conference series. Ryan's past career as a security journalist included bylines at major technology publications including Ziff Davis eWEEK, CBS Interactive's ZDNet, PCMag and PC World. Ryan is a director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world. Follow Ryan on Twitter @ryanaraine.