U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Adobe addressed two critical flaws in Adobe Acrobat, Reader

The first Adobe security updates for 2019 addresses two critical vulnerabilities in the Acrobat and Reader products. Adobe addressed two critical vulnerabilities in the Acrobat and Reader products, a use-after-free issue and a security bypass flaw. The flaws affect the latest versions of Acrobat DC, Acrobat Reader DC, Acrobat 2017 and Acrobat Reader DC 2017 for Windows […]

Adobe Acrobat Reader-DC

The first Adobe security updates for 2019 addresses two critical vulnerabilities in the Acrobat and Reader products.

Adobe addressed two critical vulnerabilities in the Acrobat and Reader products, a use-after-free issue and a security bypass flaw.

The flaws affect the latest versions of Acrobat DC, Acrobat Reader DC, Acrobat 2017 and Acrobat Reader DC 2017 for Windows and macOS.

“Adobe has released security updates for Adobe Acrobat and Reader for Windows and MacOS. These updates address critical vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.” reads the security advisory published by Adobe.

The first flaw tracked as CVE-2018-16011 is a use-after-free bug that can lead to arbitrary code execution in the context of the current user. The second issue tracked as CVE-2018-19725 , is a security bypass vulnerability that can result in privilege escalation.

Both flaws received a priority rating of 2 because experts at Adobe believe that their exploitation is not imminent.

Adobe credited Sebastian Apelt and Abdul Aziz Hariri respectively for reporting the CVE-2018-16011 and the CVE-2018-19725 flaws.

Both experts reported the flaws via the Trend Micro’s Zero Day Initiative (ZDI).

Adobe urges administrators to install the security patches within 30 days.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Adobe Acrobat, hacking)

[adrotate banner=”5″] [adrotate banner=”13″]