We get it: Ads are not what you are here for. But ads help us keep the lights on. So, add us to your adblock's whitelist or register for free to remove this notice. Either way, you are supporting our journalism. We'd really appreciate it.
The update address several critical and important vulnerabilities in Adobe Acrobat Reader DC, Adobe Coldfusion, Creative Cloud Desktop Application, and Adobe Flash Player for Windows, macOS, Linux, and Chrome OS.
The security updates cover 75 vulnerabilities out of them 71 resides with the Adobe Acrobat and Reader itself.
The affected versions are as follow.
Acrobat DC 2019.010.20069 and earlier versions Acrobat Reader DC 2019.010.20069 and earlier versions Acrobat 2017 Classic 2017 2017.011.30113 and earlier version Acrobat Reader 2017 Classic 2017 2017.011.30113 and earlier version Acrobat DC Classic 2015 2015.006.30464 and earlier versions Acrobat Reader DC Classic 2015 2015.006.30464 and earlier version ColdFusion 2018 Update 1 and earlier versions ColdFusion 2016 Update 7 and earlier versions ColdFusion 11 Update 15 and earlier versions Creative Cloud Desktop Application (installer) 22.214.171.1240 and earlier versions
According to the advisory Adobe released patch for 43 out of 71 vulnerabilities and are rated as critical in severity, most of which could lead to arbitrary code execution.
It also includes a permanent fix for a critical, publicly disclosed zero-day vulnerability (CVE 2019-7089) which could allow remote attackers to steal targeted Windows NTLM hash passwords.
Adobe also releases security patches for an important privilege escalation vulnerability (CVE-2019-7093) in its Creative Cloud Desktop Application versions 126.96.36.1990 and earlier.
The company says it is not aware of any in-the-wild exploit for the vulnerabilities addressed in its February 2019 Patch Tuesday updates.
Users are highly recommended to update their software packages to the latest versions as soon as possible.