As a best practice, Adobe recommends administrators install the update soon (for example, within 30 days).”Īs always for Windows and Mac users, the remedy for avoiding these vulnerabilities is to update the affected products.Īdobe and Microsoft are long-term partners. “Based on previous experience, we do not anticipate exploits are imminent. “There are currently no known exploits,” the company adds. In its release note, Adobe says the following Acrobat DC and Reader DC Continuous versions are affected: 2020.012.20048 and earlier on Windows and Mac, Classic 2020 versions 2020.001.20005 and earlier on Windows and Mac, and Classic 2017 versions 2017.011.30175 and earlier on Windows and Mac. “The November 2020 release of Adobe Reader and Acrobat is a standard product release that includes new product features as well as fixes for bugs and security vulnerabilities.” Affected Versions # “While Adobe strives to release regularly scheduled updates on update Tuesday, occasionally those regularly scheduled security updates are released on non-update Tuesday dates,” the company says. These occur on the second Tuesday of the month, but this time the company has sent out it monthly fixes out of schedule: The four vulnerabilities are:Ī heap-based buffer overflow (CVE-2020-24435) Out-of-bounds write glitch (CVE-2020-24436) A pair of use-after free flaws (CVE-2020-24430 and CVE-2020-24437)Īdobe rolled out fixes for the flaws as part of its usual patch cycle. In a release, Adobe points out the flaws could allow bad actors to exploit the apps and create arbitrary code.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |