Adobe Reader Bug Updated ! Adobe fixes Two Critical acrobat and reader flaws
The second vulnerability, CVE-2018-19725, is a security bypass flaw for privilege escalation allowing attacker to execute code at a higher privilege level.
Critical flaws that could enable arbitrary code execution.
Adobe updates adobe acrobat and reader for windows and MacOs. The updates fix two critical vulnerabilities, CVE-2018-16011 and CVE-2018-19725. These vulnerabilities could lead to arbitrary code execution in the context of the user.
The first Vulnerability, CVE-2018-16011, is a use after free flaw that could be used for arbitrary code execution, permitting attacker’s entry onto a device in order to do any number of things such as injecting malicious script.
Trend Micro’s Zero Day Initiative, with CVE-2018-19725 being discovered internally by ZDI researcher, Abdul-Aziz Hariri, reported these two vulnerability.
Those using adobe Acrobat and reader for windows and Macos should update their software to the latest version to be at the safe side.
The patches come ahead of adobe’s scheduled security update, which is still excepted to be released on January 8th.
No comments
Post a Comment
Note: only a member of this blog may post a comment.