Security News

Oracle VirtualBox, Adobe Reader, Windows Hacked at Pwn2Own 2020
2020-03-20 05:12

On the second day of the Pwn2Own 2020 hacking competition, participants earned a total of $90,000 for exploits targeting Oracle VirtualBox, Adobe Reader and Windows. Amat Cama and Richard Zhu of team Fluoroacetate earned $50,000 for demonstrating that they could hijack a system by exploiting use-after-free vulnerabilities in Adobe Reader and the Windows kernel.

Delayed Adobe patches fix long list of critical flaws
2020-03-19 11:22

Obscured by a long list of Microsoft patches and some fuss about a missing SMB fix, the answer is Adobe, which normally times its update cycle to coincide with the OS giant's monthly schedule. It's mostly a practical convenience - admins and end-users get all the important client patches at once, which includes Adobe's ubiquitous Acrobat and Reader software.

Dear Adobe, Trend Micro users: Please vaccinate your software – at least some of these security holes were exploited in the wild
2020-03-18 22:06

A little more than a week after forgoing March's Patch Tuesday hullabaloo, Adobe has emitted fixes for dozens of security flaws in its applications. The ever-vulnerable Reader and Acrobat on Windows and macOS require patching for 13 CVE-listed holes, nine of which can be exploited to gain malicious code execution on vulnerable machines.

Adobe Patches Critical Flaws in Reader, ColdFusion, Other Products
2020-03-18 15:31

Security updates released this week by Adobe address numerous critical and important vulnerabilities in Genuine Integrity Service, Acrobat and Reader, Photoshop, Experience Manager, ColdFusion, and Bridge. A total of 13 flaws were patched in Acrobat and Reader for Windows and macOS, nine of which are rated critical severity, leading to arbitrary code execution in the context of the current user.

A week after Patch Tuesday, Adobe drops security fixes for six offerings
2020-03-18 14:21

Adobe failed to release security updates on March 2020 Patch Tuesday, but has pushed them out this Tuesday, for Acrobat and Reader, Photoshop, ColdFusion, Experience Manager, Bridge, and Genuine Integrity Service. The heftiest updates are those for Photoshop and Acrobat and Reader for Windows and macOS. The Photoshop updates fix 16 vulnerabilities that could be exploited for arbitrary code execution in the context of the current user and 6 that could lead to disclosure of information.

Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws
2020-03-18 13:51

Adobe has released out-of-band updates addressing critical vulnerabilities in its Photoshop and Acrobat Reader products, which if exploited could allow arbitrary code-execution. In this most recent group, Adobe Photoshop had the most vulnerabilities fixed, with 22 CVEs addressed overall, 16 of which were critical: "Adobe has released updates for Photoshop for Windows and macOS. These updates resolve multiple critical and important vulnerabilities," according to Adobe's advisory.

Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion
2020-03-18 02:37

Though it's not Patch Tuesday, Adobe today released a massive batch of out-of-band software updates for six of its products to patch a total of 41 new security vulnerabilities. Adobe Acrobat and Reader software for Windows and macOS systems contain 13 flaws, out of which 9 are critical.

Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion
2020-03-18 02:37

Though it's not Patch Tuesday, Adobe today released a massive batch of out-of-band software updates for six of its products to patch a total of 41 new security vulnerabilities. Adobe Acrobat and Reader software for Windows and macOS systems contain 13 flaws, out of which 9 are critical.

March 2020 Patch Tuesday: Microsoft fixes 115 vulnerabilities, Adobe none
2020-03-10 21:04

It's March 2020 Patch Tuesday and Microsoft has dropped fixes for 115 CVE-numbered flaws: 26 are critical, 88 important, and one of moderate severity. For the time being, Adobe seems to be skipping this Patch Tuesday and there's no indication whether the customary security updates are just delayed or there won't be any at all in the coming days.

Adobe fixes critical flaws in Media Encoder and After Effects
2020-02-21 10:16

After fixing a fat pile of critical security flaws as part of last week's Patch Tuesday update, Adobe has come back with two more that need urgent attention. The second is also an out-of-bounds write weakness, this time in Adobe Media Encoder, affecting Windows and macOS versions 14.02.