Multiple critical Arbitrary Code Execution/ RCE flaws on Adobe products was patched

On February 13, Adobe released the security update to address the multi high-risk bug that exists in Acrobat and Acrobat Reader DC. An attacker could exploit some of these vulnerabilities to take control of an affected system.

Image: siliconangle

The details are below:

Vulnerability Category	Vulnerability Impact	Severity	CVE Number
Security Mitigation Bypass	Privilege Escalation	Critical	CVE-2018-4872
Heap Overflow	Arbitrary Code Execution	Critical	CVE-2018-4890, CVE-2018-4904, CVE-2018-4910, CVE-2018-4917
Use-after-free	Arbitrary Code Execution	Critical	CVE-2018-4888, CVE-2018-4892, CVE-2018-4902, CVE-2018-4911, CVE-2018-4913
Out-of-bounds write	Arbitrary Code Execution	Critical	CVE-2018-4879, CVE-2018-4895, CVE-2018-4898, CVE-2018-4901, CVE-2018-4915, CVE-2018-4916, CVE-2018-4918
Out-of-bounds read	Remote Code Execution	Important	CVE-2018-4880, CVE-2018-4881, CVE-2018-4882, CVE-2018-4883, CVE-2018-4884, CVE-2018-4885, CVE-2018-4886, CVE-2018-4887, CVE-2018-4889, CVE-2018-4891, CVE-2018-4893, CVE-2018-4894, CVE-2018-4896, CVE-2018-4897, CVE-2018-4899, CVE-2018-4900, CVE-2018-4903, CVE-2018-4905, CVE-2018-4906, CVE-2018-4907, CVE-2018-4908, CVE-2018-4909, CVE-2018-4912, CVE-2018-4914

Affected version

Product	Affected Versions	Platform
Acrobat DC (Continuous Track)	2018.009.20050 and earlier versions	Windows and Macintosh
Acrobat Reader DC (Continuous Track)	2018.009.20050 and earlier versions	Windows and Macintosh
Acrobat 2017	2017.011.30070 and earlier versions	Windows and Macintosh
Acrobat Reader 2017	2017.011.30070 and earlier versions	Windows and Macintosh
Acrobat DC (Classic Track)	2015.006.30394 and earlier versions	Windows and Macintosh
Acrobat Reader DC (Classic Track)	2015.006.30394 and earlier versions	Windows and Macintosh

Users should install patches as soon as possible.

Source: Adobe