Adobe has nowadays introduced its month to month protection updates to handle a total of 75 safety vulnerabilities across its various items, 71 of which resides in Adobe Acrobat and Reader alone.
February 2019 patch Tuesday updates handle various crucial and important vulnerabilities in Adobe Acrobat Reader DC, Adobe Coldfusion, Innovative Cloud Desktop Software, and Adobe Flash Participant for Windows, macOS, Linux, and Chrome OS.
In accordance to the advisory introduced these days, 43 out of 71 vulnerabilities addressed by Adobe in Acrobat and Reader are rated as significant in severity, most of which could guide to arbitrary code execution in the context of the recent person upon thriving exploitation.
The update also involves a long lasting resolve for a critical, publicly disclosed zero-working day vulnerability (CVE 2019-7089) impacting Adobe Reader that could allow distant attackers to steal qualified Windows NTLM hash passwords just by tricking victims into opening a specially crafted PDF file.
A further advisory linked to Adobe Flash Player, which will acquire safety patch updates right up until the close of 2020, reveals the existence of an important out-of-bounds study vulnerability (CVE-2019-7090) that could direct to details disclosure.
ColdFusion, Adobe’s commercial fast world-wide-web application development system, also gets patches for a significant arbitrary code execution flaw and an vital cross-web page scripting vulnerability that could end result in info disclosure.
Adobe also releases safety patches for an crucial privilege escalation vulnerability (CVE-2019-7093) in its Creative Cloud Desktop Application versions 4.7..400 and before.
The corporation claims it is not knowledgeable of any in-the-wild exploit for the vulnerabilities tackled in its February 2019 Patch Tuesday updates.
Users of the influenced Adobe program and applications for Home windows and macOS units are really recommended to update their computer software packages to the most recent versions as shortly as achievable.