Adobe has released four security updates for Adobe Flash Player (APSB17-23), Adobe Experience Manager (APSB17-26), Adobe Acrobat and Reader (APSB17-24) and Adobe Digital Editions (APSB17-27) which covers a total of 80 CVE’s.

Adobe Flash Player address a critical type confusion vulnerability that could lead to code execution and an important security bypass vulnerability that could lead to information disclosure.
Adobe Acrobat and Reader address vulnerabilities rated Critical and Important that could potentially allow an attacker to take control of the affected system.
Adobe Digital Editions updates resolves a critical heap buffer overflow vulnerability that could lead to code execution, seven memory corruption vulnerabilities rated important that could lead to disclosure of memory addresses and an XML external entity processing vulnerability rated critical that could lead to information disclosure.
Adobe Experience Manager updates resolve an important file type validation vulnerability and two moderate information disclosure vulnerabilities.

Priority of Patch :

Product: 
Adobe Flash Player
Severity Rating: Critical
Impact: Remote Code Execution

Product: Adobe Acrobat and Reader
Severity Rating: Critical
Impact: Remote Code Execution

Product: Adobe Digital Editions
Severity Rating: Critical
Impact: Memory Address Disclosure

Here are the details of Critical Security Updates and Security Advisory:


APSB17-23 (Adobe Flash Player):

  • An unspecified security-bypass vulnerability that could lead to disclosure of sensitive information (CVE-2017-3085).
  • An unspecified type confusion vulnerability that could lead to remote code execution (CVE-2017-3106).
  • Affected Versions:
    Adobe Flash Player Desktop Runtime 26.0.0.137 and earlier versions on Windows and Macintosh and Linux.
    Adobe Flash Player for Google Chrome 26.0.0.137 and earlier versions on Windows, Macintosh, Linux, and ChromeOS.
    Adobe Flash Player for Microsoft Edge and Internet Explorer 26.0.0.137 and earlier versions for Windows 10 and 8.1

APSB17-27 (Adobe Digital Editions):


APSB17-24 (Adobe Acrobat and Reader):


APSB17-26 (Adobe Experience Manager):

  • A file validation flaw during file upload to execute arbitrary code on the target system. (CVE-2017-3108)
  • An information disclosure vulnerability.(CVE-2017-3107, CVE-2017-3110)
  • Affected Versions:
    AEM 6.0, 6.1, 6.2, 6.3 and earlier.

SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.

Summary
Adobe Security Updates for August 2017
Article Name
Adobe Security Updates for August 2017
Author
Publisher Name
SecPod Technologies
Publisher Logo
Loading Facebook Comments ...

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>