Adobe Patches Number of Security Vulnerabilities for Creative Cloud, Flash Player and Connect
Adobe has published security bulletins for Adobe Creative Cloud Desktop Application (APSB18-12), Adobe Flash Player (APSB18-16), and Adobe Connect (APSB18-18).
Adobe Creative Cloud Desktop ApplicationAdobe has released a security update for the Creative Cloud Desktop Application for Windows and MacOS. This update resolves a vulnerability in the validation of certificates used by Creative Cloud desktop applications (CVE-2018-4991), and an improper input validation vulnerability (CVE-2018-4992) that could lead to privilege escalation. Affected 220.127.116.118 and earlier versions on Windows and MacOS platform.
Adobe has resolved following vulnerabilities for Creative Clod packager
- Improper input validation
- Improper certificate validation
- Unquoted Search Path
To check the version of the Adobe Creative Cloud desktop app:
- Launch the Creative Cloud desktop app and sign in with your Adobe ID.
- Click the gear icon and choose Preferences > General.
Adobe Flash Player:Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 18.104.22.168 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected 22.214.171.124 and earlier versions on Windows, Macintosh and Linux platform.
Adobe Connect:An important authentication bypass vulnerability (CVE-2018-4994) exists in Adobe Connect versions 9.7.5 and earlier. Successful exploitation of this vulnerability could result in sensitive information disclosure.
Affected 9.7.5 and earlier version on all platforms.
Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.
Last month in April, Adobe was fixed around 19 vulnerabilities in their products.