Adobe released updates for four of its widely used software yesterday—including Adobe Acrobat and Reader, Photoshop CC, ColdFusion, and Brackets—to patch a total of 25 new security vulnerabilities.
Seventeen of these flaws have been rated as critical in severity, with most of them carrying high priority patches, indicating that the vulnerabilities are more likely to be used in real-world attacks, but there are currently no known exploits in the wild.
The software update for Adobe Acrobat and Reader for Windows and macOS operating systems addresses a total of 21 security vulnerabilities, 14 of which are critical, and rest are important in severity. Upon successful exploitation, all critical vulnerabilities in Adobe Acrobat and Reader software lead to arbitrary code execution attacks, allowing attackers to take complete control of targeted systems. Adobe Photoshop CC for Windows and macOS contains patches for two critical arbitrary code execution vulnerabilities. Adobe ColdFusion update comes with a security patch for an important privilege escalation bug, which occurs due to insecure inherited permissions of the default installation directory. The last two flaws the company patched this month affect Brackets, a source code editor.