InfoSec Handlers Diary Blog - Adobe December Patch Tuesday

SANS ISC: InfoSec Handlers Diary Blog - Adobe December Patch Tuesday

SANS Site Network
- Current Site
- Internet Storm Center
- Other SANS Sites Help
- Graduate Degree Programs
- Security Training
- Security Certification
- Security Awareness Training
- Penetration Testing
- Industrial Control Systems
- Cyber Defense Foundations
- DFIR
- Software Security
- Government OnSite Training

InfoSec Handlers Diary Blog

Adobe December Patch Tuesday

Published: 2014-12-10
Last Updated: 2014-12-10 01:24:00 UTC
by Johannes Ullrich (Version: 1)

Adobe today released two new bulletins, and updaed the Reader/Acrobat bulletin that was published a week ago.

APSB14-27: Security Update for Adobe Flash Player

This update fixes 6 vulnerabilities, some of which can lead to remote code execution. Adobe rates this patch with a priority of "1", indicating that the vulnerability has already been exploited in targeted attacks.

APSB14-28: Security Update for Adobe Reader and Acrobat

This updates fixes 20 different vulnerabilities. The bulletin has a rating of 1.

APSB14-29: Hotfixes for ColdFusion

This bulletin applies to ColdFusion 10 and 11 and fixes a denial of service vulnerability (CVE-2014-9166). The vulnerability has not been used in any exploits so far.

http://helpx.adobe.com/security.html

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Keywords:

4 comment(s)

Top of page

Diary Archives