Adobe Updates for August Vulnerabilities

Adobe is a vendor that often plays catch-up with security exploits; issuing emergency patches issued to fix zero-day vulnerabilities. But Adobe, like Microsoft, also has a regular Patch Tuesday update cycle. This regularly scheduled update is a way to give users and enterprises a predictable and stable timetable for Adobe updates.

For August’s Patch Tuesday, Adobe has issued five update advisories covering its Flash Shockwave, Photoshop and RoboHelp applications.

The August Flash update addresses at least 13 vulnerabilities in Adobe’s Flash Player. According to Adobe, they are not aware of any exploits “in the wild” for the issues addressed in the update. Digging into the vulnerabilities, the vast majority are for memory and five buffer overflows, four memory corruption and three integer overflow issues. There is also a single cross-site information disclosure issue that is fixed that could have potentially led to arbitrary code execution.

Adobe has issued Flash Player 10.3.183.5 for Windows, Mac, Linux and Solaris to fix the 13 issues.

In addition to the client-side Flash Player update, Adobe is also updating the Flash Media Server to version 4.0.3 for a memory corruption vulnerability.

“The vulnerability could allow an attacker, who successfully exploits the vulnerability, to cause a denial of service on the affected system,” Adobe warned in its advisory.

While Flash often gets most of the media attention when it comes to exploits, Adobe’s Shockwave Player for Windows and Mac is also a target for security researchers and attackers. As part of the August update Adobe is patching Shockwave Player for at least seven different memory corruption vulnerabilities.

“These vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system,” Adobe warned in its Shockwave Player advisory.

Rounding out Adobe’s August patch haul is a patch for Photoshop CS5 that fixes a single flaw.

“A malicious .GIF file must be opened in Photoshop CS5 by the user for an attacker to be able to exploit this vulnerability,” Adobe warned in its Photoshop advisory.

Sean%20Michael%20Kerner%20is%20a%20senior%20editor%20at%20InternetNews.com, the news
service of Internet.com, the
network for technology professionals.

Latest articles

XDR Emerges as a Key Next-Generation Security Tool

Corporate networks are complex, and so is the myriad of cybersecurity solutions that protect them. Trying to manage all the security tools in a...

Best Encryption Tools & Software for 2020

Enterprises can invest in state of the art threat defenses like next-gen firewalls, microsegmentation and zero trust tools, but even the very best tools...

SASE: Securing the Network Edge

Dramatic growth in Internet of Things (IoT) devices and external users have forced IT departments to move storage and processing functions closer to the...

Kaspersky vs. Bitdefender: EDR Solutions Compared

Kaspersky and Bitdefender have very good endpoint security products for both business and consumer users, so they made both our top EDR and top...

Related articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here