Adobe logo

Adobe published its October 2018 Patch Tuesday updates today and it came with a big surprise. Not one security fix for Adobe Flash Player!

Unfortunately, that does not mean their other products don't have any security updates.

With this release Adobe fixes 11 vulnerabilities, with two being critical, in Adobe Framemaker, Digital Editions, and Technical Communications Suite.

Adobe Update Summary:

APSB18-35 updates available for Flash Player

Wow, this may be a first. This update does not include any security fixes for Adobe Flash Player and just address feature and performance bugs. This update brings the latest Flash Player version to 31.0.0.122.

Product Version Platform Availability
Adobe Flash Player Desktop Runtime 31.0.0.122 Windows, macOS

Flash Player Download Center

Flash Player Distribution
Adobe Flash Player for Google Chrome 31.0.0.122 Windows, macOS, Linux, and Chrome OS  Google Chrome Releases
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 31.0.0.122 Windows 10 and 8.1 Microsoft Security Advisory
Adobe Flash Player Desktop Runtime 31.0.0.122 Linux Flash Player Download Center

APSB18-27 Security Updates Available for Adobe Digital Editions

Adobe has released a security update for Adobe Digital Editions, which resolve two critical vulnerabilities in the program that could allow for remote code execution and one vulnerability that could lead to information disclosure.

To resolve these vulnerabilities, Adobe suggests that you update to the latest Adobe Digital Editions version 4.5.9.

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Heap overflow Arbitrary Code Execution Critical

CVE-2018-12813

CVE-2018-12814

CVE-2018-12815
Out of bounds read Information Disclosure Important

CVE-2018-12816

CVE-2018-12818

CVE-2018-12819

CVE-2018-12820

CVE-2018-12821
Use after free Arbitrary Code Execution Critical CVE-2018-12822

APSB18-37 Security Updates Available for Adobe Framemaker

Adobe released a security update for Adobe Framemaker that could lead to an escalation of privileges through a insecure library loading vulnerability. To resolve this vulnerability, users should install the Adobe Framemaker 2019 Release.

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Insecure Library Loading (DLL hijacking) Privilege Escalation Important CVE-2018-15974

APSB18-38 Security Updates Available for Adobe Technical Communications Suite

Adobe has released a security update for the Adobe Technical Communications Suite that could lead to an escalation of privileges through a insecure library loading vulnerability. Installing Adobe Technical Communications Suite 2019 Release will fix this vulnerability.

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Insecure Library Loading (DLL hijacking) Privilege Escalation Important CVE-2018-15976

Related Articles:

Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs

Critical Rust flaw enables Windows command injection attacks

Windows 10 KB5036892 update released with 23 new fixes, changes

Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs

Apple fixes two new iOS zero-days exploited in attacks on iPhones