Adobe published its October 2018 Patch Tuesday updates today and it came with a big surprise. Not one security fix for Adobe Flash Player!
Unfortunately, that does not mean their other products don't have any security updates.
With this release Adobe fixes 11 vulnerabilities, with two being critical, in Adobe Framemaker, Digital Editions, and Technical Communications Suite.
Adobe Update Summary:
APSB18-35 updates available for Flash Player
Wow, this may be a first. This update does not include any security fixes for Adobe Flash Player and just address feature and performance bugs. This update brings the latest Flash Player version to 31.0.0.122.
Product | Version | Platform | Availability |
Adobe Flash Player Desktop Runtime | 31.0.0.122 | Windows, macOS | |
Adobe Flash Player for Google Chrome | 31.0.0.122 | Windows, macOS, Linux, and Chrome OS | Google Chrome Releases |
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 | 31.0.0.122 | Windows 10 and 8.1 | Microsoft Security Advisory |
Adobe Flash Player Desktop Runtime | 31.0.0.122 | Linux | Flash Player Download Center |
APSB18-27 Security Updates Available for Adobe Digital Editions
Adobe has released a security update for Adobe Digital Editions, which resolve two critical vulnerabilities in the program that could allow for remote code execution and one vulnerability that could lead to information disclosure.
To resolve these vulnerabilities, Adobe suggests that you update to the latest Adobe Digital Editions version 4.5.9.
Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers |
Heap overflow | Arbitrary Code Execution | Critical |
CVE-2018-12813 CVE-2018-12814 CVE-2018-12815 |
Out of bounds read | Information Disclosure | Important |
CVE-2018-12816 CVE-2018-12818 CVE-2018-12819 CVE-2018-12820 CVE-2018-12821 |
Use after free | Arbitrary Code Execution | Critical | CVE-2018-12822 |
APSB18-37 Security Updates Available for Adobe Framemaker
Adobe released a security update for Adobe Framemaker that could lead to an escalation of privileges through a insecure library loading vulnerability. To resolve this vulnerability, users should install the Adobe Framemaker 2019 Release.
Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers |
Insecure Library Loading (DLL hijacking) | Privilege Escalation | Important | CVE-2018-15974 |
APSB18-38 Security Updates Available for Adobe Technical Communications Suite
Adobe has released a security update for the Adobe Technical Communications Suite that could lead to an escalation of privileges through a insecure library loading vulnerability. Installing Adobe Technical Communications Suite 2019 Release will fix this vulnerability.
Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers |
Insecure Library Loading (DLL hijacking) | Privilege Escalation | Important | CVE-2018-15976 |
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now