Multiple critical Arbitrary Code Execution/ RCE flaws on Adobe products was patched
On February 13, Adobe released the security update to address the multi high-risk bug that exists in Acrobat and Acrobat Reader DC. An attacker could exploit some of these vulnerabilities to take control of an affected system.
Image: siliconangle
The details are below:
Vulnerability Category Vulnerability Impact Severity CVE Number Security Mitigation Bypass Privilege Escalation Critical CVE-2018-4872 Heap Overflow Arbitrary Code Execution Critical CVE-2018-4890, CVE-2018-4904, CVE-2018-4910, CVE-2018-4917 Use-after-free Arbitrary Code Execution Critical CVE-2018-4888, CVE-2018-4892, CVE-2018-4902, CVE-2018-4911, CVE-2018-4913 Out-of-bounds write Arbitrary Code Execution Critical CVE-2018-4879, CVE-2018-4895, CVE-2018-4898, CVE-2018-4901, CVE-2018-4915, CVE-2018-4916, CVE-2018-4918 Out-of-bounds read Remote Code Execution Important CVE-2018-4880, CVE-2018-4881, CVE-2018-4882, CVE-2018-4883, CVE-2018-4884, CVE-2018-4885, CVE-2018-4886, CVE-2018-4887, CVE-2018-4889, CVE-2018-4891, CVE-2018-4893, CVE-2018-4894, CVE-2018-4896, CVE-2018-4897, CVE-2018-4899, CVE-2018-4900, CVE-2018-4903, CVE-2018-4905, CVE-2018-4906, CVE-2018-4907, CVE-2018-4908, CVE-2018-4909, CVE-2018-4912, CVE-2018-4914 Affected version
Product Affected Versions Platform Acrobat DC (Continuous Track) 2018.009.20050 and earlier versions Windows and Macintosh Acrobat Reader DC (Continuous Track) 2018.009.20050 and earlier versions Windows and Macintosh Acrobat 2017 2017.011.30070 and earlier versions Windows and Macintosh Acrobat Reader 2017 2017.011.30070 and earlier versions Windows and Macintosh Acrobat DC (Classic Track) 2015.006.30394 and earlier versions Windows and Macintosh Acrobat Reader DC (Classic Track) 2015.006.30394 and earlier versions Windows and Macintosh
Users should install patches as soon as possible.
Source: Adobe
