Login

Register

Login

Register

Delayed Adobe patches fix long list of critical flaws – Naked Security


Notice anything missing from last week’s Microsoft Patch Tuesday?

Obscured by a long list of Microsoft patches and some fuss about a missing SMB fix, the answer is Adobe, which normally times its update cycle to coincide with the OS giant’s monthly schedule.

It’s mostly a practical convenience – admins and end-users get all the important client patches at once, which includes Adobe’s ubiquitous Acrobat and Reader software.

And yet March’s roster was Adobe-less. This week the company made amends, issuing fixes for an unusually high CVE-level 41 vulnerabilities, 21 of which are rated critical.

It’s not clear what caused the delay although it might simply be their number and the need to finalise patches before making them public.

The two patching hotspots are the 22 CVEs in Photoshop and 13 in Acrobat and Reader.

Of these, 16 uncovered in Photoshop/CC for Windows and macOS are rated critical compared to a more modest 9 in Acrobat and Reader.

That said, Reader is widely used on Windows and Macs, which is why admins will probably zero in on those as the top priority.

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW