430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Adobe July Patch Tuesday fixes over 100 flaws in Adobe Acrobat and Reader

Adobe released July Patch Tuesday security updates that address over 100 flaws in Acrobat and Reader, and other issues in Flash Player, Experience Manager, and Connect. Adobe on Tuesday has released July Patch Tuesday security updates that addressed more than 100 flaws in its products, including 105 vulnerabilities in Acrobat and Reader, two in Flash […]

Adobe Reader

Adobe released July Patch Tuesday security updates that address over 100 flaws in Acrobat and Reader, and other issues in Flash Player, Experience Manager, and Connect.

Adobe on Tuesday has released July Patch Tuesday security updates that addressed more than 100 flaws in its products, including 105 vulnerabilities in Acrobat and Reader, two in Flash Player, three in Experience Manager, and three in Connect.

Windows and macOS versions of Adobe Acrobat and Reader were affected by tens of critical memory corruption bugs that could be exploited by an attacker for remote code execution. The list of flaws includes double-free, heap overflow, use-after-free, out-of-bounds write, type confusion, untrusted pointer dereference, and buffer error vulnerabilities.

“Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities.  Successful exploitation could lead to arbitrary code execution in the context of the current user.” reads the security advisory published by Adobe.

The July Patch Tuesday security updates also addressed a critical privilege escalation and tens of important out-of-bounds read vulnerabilities.

Many flaws fixed by Adobe were reported to the company through the Trend Micro’s Zero-Day Initiative (ZDI).

“Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 30.0.0.113 and earlier versions.  Successful exploitation could lead to arbitrary code execution in the context of the current user.” reads the advisory published by Adobe for Flash Player.

Adobe July Patch Tuesday

Adobe addressed three server-side request forgery (SSRF) vulnerabilities in Experience Manager that can lead to the exposure of sensitive information, fix authentication bypass and insecure library loading flaws in Adobe Connect. None of the flaws in Experience Manager and Adobe Connect was rated as critical.

The good news for the Adobe customers is that the company is not aware of any attack in the wild that exploited one of the flaws addressed with the July Patch Tuesday security updates.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – July Patch Tuesday security updates,  hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]