Adobe Releases Security Updates for Multiple Products

by Christopher Garcia
Desktop & Applications Architect

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.

APSB19-48 Security updates available for Adobe Experience Manager

Priority Rating: 2

  • These updates will patch 12 vulnerabilities in AEM versions 6.3, 6.4 and 6.5. Successful exploitation could result in unauthorized access to the AEM environment.
  • These vulnerabilities are resolved in the latest versions of Adobe Experience Manager 6.3-6.5.

APSB19-49 Security update available for Adobe Acrobat and Reader

Priority Rating: 2

  • This update will patch 68 vulnerabilities. Of these vulnerabilities, 45 are classified as Critical as they allow arbitrary code execution on vulnerable computers.
  • We strongly advise that users and IT Administrators update Adobe Acrobat and Reader as soon as possible. These vulnerabilities could allow attackers to gain unauthorized access, execute commands, or elevate their privileges.
ProductTrackUpdated VersionsPriority Rating
Acrobat DCContinuous2019.021.200472
Acrobat Reader DCContinuous2019.021.200472
Acrobat DCClassic 20172017.011.301502
Acrobat Reader DCClassic 20172017.011.301502
Acrobat DCClassic 20152015.006.305042
Acrobat Reader DCClassic 20152015.006.305042

APSB19-50 Security updates available for Adobe Experience Manager Forms

Priority Rating: 3

  • This update will patch a cross-site scripting vulnerability that could result in sensitive information being disclosed to an attacker.
  • These vulnerabilities are resolved in the latest versions of Adobe Experience Manager Forms 6.3-6.5.

APSB19-51 Security update available for Adobe Download Manager

Priority Rating: 3

  • This update resolves a privileged escalation vulnerability caused by insecure file permissions.
  • This vulnerability is resolved in Adobe Download Manager 2.0.0.417. 

The definitions of the priority ratings are:

  • Priority 1: This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible. (for example, within 72 hours).
  • Priority 2: This update resolves vulnerabilities in a product that has historically been at elevated risk. There are currently no known exploits. Based on previous experience, we do not anticipate exploits are imminent. As a best practice, Adobe recommends administrators install the update soon (for example, within 30 days).
  • Priority 3: This update resolves vulnerabilities in a product that has historically not been a target for attackers. Adobe recommends administrators install the update at their discretion.

If you have any questions or need assistance with remediation, please contact us at service@helient.com.

Thank you for sharing... Share on Facebook
Facebook
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin