Adobe Systems, makers of popular tools like Adobe Photoshop and Flash, has released critical security updates for several of their products in order to fix some vulnerability that could potentially allow attackers to take remote control of user?s systems running the vulnerable software.
Products that received this security patch include the Flash Player, the Adobe AIR SDK (software development kit) and the Compiler for building rich Internet applications, Adobe Acrobat, Adobe Reader, and Adobe Illustrator for CS6 (Creative Suite 6). As you can see, most of these software are fairly popular especially the Flash Player and Adobe Reader.
Security patches for the Flash Player, AIR, Acrobat, and Reader are released on a monthly basis but patch updates for the Illustrator are quite rare as the last update is around 2 years old.
According to a security advisory from Adobe, the new Illustrator hotfix addresses a vulnerability that could potentially be exploited to let hackers gain remote code execution on the affected system although they didn?t specify how. Adobe is recommending that users of Illustrator on Windows and Mac upgrade to the freshly released 16.2.2 or 16.0.5 versions depending on whether users are on a subscription or not.
For the updated Flash Player, it should have the latest version of 184.108.40.206 for Windows and Mac while Linux version should have 220.127.116.119. This update includes a total of six vulnerabilities, one of them being identified as CVE-2014-0510 which could result in arbitrary code execution and was even demonstrated by members of the Keen Team and Team 509 during the recent pwn2Own hacking competition last March. Other vulnerabilities include one where hackers could bypass the same origin policy, an important security feature that prevents content loaded from different websites from interacting with each other as well as bypass different security protections in the program.
The Adobe Acrobat and Adobe Reader also received multiple updates as there were 10 vulnerabilities that were found.
Both the Adobe Reader and Flash security updates received a priority rating of 1 from Adobe indicating that the company considers them to be easily exploitable once the patches have been reverse engineered. Windows XP users should also be weary as Adobe doesn?t provide patches for the aging operating system anymore.
To be on the safe side, make sure you have your software updated.
Photo Source: Adobe website