请选择 进入手机版 | 继续访问电脑版

技术控

    今日:271| 主题:57560
收藏本版 (1)
最新软件应用技术尽在掌握

[其他] Adobe Fixes 81 Vulnerabilities in Acrobat, Reader, Flash

[复制链接]
╭ァ你的眼里 投递于 2016-10-12 08:18:50
209 7

Adobe Fixes 81 Vulnerabilities in Acrobat, Reader, Flash

Adobe Fixes 81 Vulnerabilities in Acrobat, Reader, Flash-1-技术控-additional,corruption,published,execution,including

Adobe patched 81 vulnerabilities across Acrobat, Reader, and Flash on Tuesday, including a handful of critical bugs that if exploited, could allow an attacker to take control of a system.
The lion’s share of vulnerabilities – 71 in total – exist in the company’s Acrobat and Reader platforms.
  According to a security bulletin published by the company on Tuesday, most of the Acrobat and Reader updates address memory corruption, use-after-free, and buffer overflow vulnerabilities – all which can lead to code execution – in the software. Two additional patches fix a bypass restriction on JavaScript API execution and a separate security bypass vulnerability that existed in the software. The update brings Acrobat DC and Reader DC to version 15.006.30243 and Acrobat XI and Reader XI to 11.0.18 on both Windows and Macintosh machines.
  The patches are the first for Reader and Acrobat sinceJuly, when Adobe addressed 38 issues in the software. This month’s fixes are the most updates the software was received sinceMay this year, when the company patched a staggering 93 vulnerabilities in Reader and Acrobat.
  Twelve vulnerabilities that affected Flash Player in Chrome, Microsoft Edge, IE 11, and Linux, were also resolved today. Like the Reader and Acrobat bugs, the majority of the patches – nine of the 12 – stem from memory corruption bugs. A Palo Alto Networks researcher who discovered eight bugs in Flash last month , Tao Yan a/k/a @Ga1ois, discovered four of the nine vulnerabilities, all memory corruption bugs, patched by Adobe on Tuesday. A security bypass vulnerability, a type confusion and use-after-free vulnerability that could lead to code execution were also fixed in Flash, according to Adobe.
  The 12 vulnerabilities in Flash marks a decrease fromlast month’s update, when Adobe patched 29 issues, most that could have led to code execution.
Adobe also took the opportunity on Tuesday to patch its Creative Cloud desktop application – an app that lets Adobe customers who subscribe to its Creative Cloud platform manage their apps and services. The update resolves an unquoted search path vulnerability in the app. Unquoted path vulnerabilities generally take advantage of the way software parses directory paths to execute code. In this case, if exploited, the vulnerability could have allowed access to resources in a parent path and subsequently, local privilege escalation, Adobe warned.
  Adobe says it’s not aware of any of the vulnerabilities being exploited in the wild but in a post to its Product Security Incident Response Team (PSIRT) Blog, encouraged users to update to the latest versions regardless.



上一篇:开始使用运行在 Linux 上的的 MongoDB on IBM Power Systems
下一篇:Debugging Titles: Part I
bright112358 投递于 2016-10-12 10:22:46
看了这么多帖子,第一次看到这么经典的!
回复 支持 反对

使用道具 举报

陈发兴 投递于 2016-10-12 10:44:35
楼主,涨姿势呃。。。。。。
回复 支持 反对

使用道具 举报

枫林﹌晚霞 投递于 2016-10-13 08:52:39
屌丝和绿茶婊太多了,还是顶╭ァ你的眼里的帖子更有意义
回复 支持 反对

使用道具 举报

y1eyfegyjd6 投递于 2016-11-14 14:19:42
楼主呀,,,您太有才了。。。
回复 支持 反对

使用道具 举报

幸福国度 投递于 2016-11-15 08:15:33
灌,是一种美德。
回复 支持 反对

使用道具 举报

sffr6582 投递于 2016-11-19 10:21:36
你踩我的脚没事,可别踩我的鞋呀!
回复 支持 反对

使用道具 举报

myg 投递于 2016-11-20 08:54:55
帮顶个帖,攒人品,说不定我就会升职加薪、当上总经理、出任CEO、迎娶白富美、走上人生巅峰,嘿嘿,想想还有点小激动。
回复 支持 反对

使用道具 举报

我要投稿

推荐阅读


回页顶回复上一篇下一篇回列表
手机版/CoLaBug.com ( 粤ICP备05003221号 | 文网文[2010]257号 | 粤公网安备 44010402000842号 )

© 2001-2017 Comsenz Inc.

返回顶部 返回列表