Adobe has released security updates to address vulnerabilities that could allow unauthorized access to attackers, execute commands on vulnerable computers, or increase their privileges.
The 45 critical vulnerabilities found in Adobe Acrobat and Reader are of particular concern. Because these vulnerabilities can allow an attacker to execute code on a vulnerable machine, it is strongly recommended that they be updated as quickly as possible.
Below are the current security updates for Adobe:
APSB19-48 Security Patch Available for Adobe Experience Manager
Adobe has released an Adobe Experience Manager security update that addresses 12 vulnerabilities.
These vulnerabilities could lead to information disclosure, escalation of privileges, and remote code execution, allowing an attacker to access the AEM unauthorizedly.
The latest versions of Adobe Experience Manager 6.3, 6.4 and 6.5 have fixed these vulnerabilities.
APSB19-49 Adobe Acrobat and Reader Security Update
Adobe has released Adobe Acrobat and Reader’s security update that fixes a huge 68 vulnerabilities. Of these, 45 are listed as important, since the execution for arbitrary code on compromised computers is permitted.
Considering that hackers can easily exploit such vulnerabilities, it is strongly recommended that users update Adobe Acrobat and Reader as soon as possible.
Acrobat DC Classic 2017.011.30150, Acrobat Reader DC Classic 2017.011.30150, Acrobat Reader DC Classic 2015.006.30504 and Acrobat Reader DC Classic 2015.006.30504.
APSB19-50 Security Updates Available on the Adobe Experience Manager forms
Adobe has fixed for these security vulnerabilities. In Adobe Experience Manager Forms, Adobe has remedied a vulnerability to cross-site scripting which could result in the disclosure of sensitive information to an attacker.
The latest versions of Adobe Experience Manager 6.3, 6.4 and 6.5 have corrected these vulnerabilities.
APSB19-51 Adobe Download Manager Security Update is Available
Adobe has released an Adobe Download Manager security update that addresses a privilege escalation flaw due to unsafe file permissions.
Based on the description, this vulnerability likely enables users to hijack DLL by inserting a malicious version of Adobe DLL.
The Adobe Download Manager 126.96.36.1997 solves this problem.