Five popular Adobe programs were found to be riddled with security holes. Learn about the programs that were affected, their vulnerabilities, and the update created to patch the holes.
In July 2018, Adobe released a major update that patches 112 vulnerabilities in five popular Adobe apps. These programs run on a variety of platforms, including Windows, macOS, and Chrome OS.
The vast majority of vulnerabilities (104) were found in Adobe Acrobat and Acrobat Reader for Windows and macOS. If exploited, the vulnerabilities could lead to sensitive information being leaked or cybercriminals running malicious commands. In one case, the exploited vulnerability could result in cybercriminals gaining elevated privileges, allowing them to possibly gain access to other resources. Security Bulletin APSB18-21 lists all the vulnerabilities patched in Adobe Acrobat and Acrobat Reader.
The July 2018 update also patches vulnerabilities in three other apps:
- Adobe Flash Player for Windows, macOS, Linux, and Chrome OS. Two vulnerabilities exist in this software, according to Security Bulletin APSB18-24.
- Adobe Connect (all platforms). Security Bulletin APSB18-22 reports the presence of three security holes in this app.
- Adobe Experience Manager (all platforms). Three vulnerabilities are in this program, according to Security Bulletin APSB18-23.
If you are using any of these five Adobe programs, you should check the appropriate security bulletin to see if the version you are using is affected. If so, it is a good idea to make sure the software has been patched. Although the five Adobe apps are designed to automatically update, that does not guarantee the patches have been applied. An update might not get installed due to an issue on your end (e.g., the program might be configured to never check for updates) or Adobe’s end (e.g., a glitch in the update process). We can make sure that the updates have been installed if you are unsure of how to do so.