Adobe released the security updates for the critical vulnerabilities of Acrobat and Reader. The users of Acrobat & Reader require to apply this patch update to avoid these critical security flaws.

Adobe avoids disclosing the details of security bugs before releasing the update to patch the same bugs. The same happened while releasing this first update of the new year, APSB19-02 that addressed first 2 critical vulnerabilities having priority rating of “2”.

The two Adobe flaws identified as CVE-2018-16011 and CVE-2018-16018 (replaced CVE-2018-19725) are considered to be potentially serious flaws. The first one is “Use After Free” vulnerability that can lead to Arbitrary Code Execution and another is “Security Bypass” that can cause Privilege Escalation.

Download Adobe Patch for Critical Flaws of Acrobat and Reader

List of Affected Adobe Acrobat and Reader Versions for Various OS.

  • Adobe Acrobat DC (2019.010.20064 and earlier versions) for Windows and MacOS.
  • Adobe Acrobat Reader DC (2019.010.20064 and earlier versions) for Windows and MacOS.
  • Acrobat 2017 (2017.011.30110 and earlier versions) for Windows and MacOS.
  • Acrobat Reader 2017 (2017.011.30110 and earlier versions) for Windows and MacOS.
  • Acrobat DC, Classic 2015 (2015.006.30461 and earlier versions) for Windows and MacOS.
  • Acrobat Reader DC, Classic 2015 (2015.006.30461 and earlier versions) for Windows and MacOS.

How to Fix Adobe Vulnerabilities for Acrobat and Reader

The users are suggested to update their particular affected software to the latest version available. For a manual update, you can navigate Help > Check for Updates, your Adobe software will be updated to the new version.

Advertisements

The Enterprise installers are available here.

Updated Versions for Acrobat and Reader

Acrobat DC 2019.010.20069 Update for Windows & MacOS

Acrobat Reader DC 2019.010.20069 Update for Windows & MacOS

Acrobat 2017, version 2017.011.30113 for Windows & MacOS

Acrobat Reader DC 2017, latest version 2017.011.30113 for Windows & MacOS

Acrobat Classic 2015, latest version 2015.006.30464 for Windows & MacOS

Acrobat Reader DC Classic 2015, latest version 2015.006.30464 for Windows & MacOS

The vulnerability CVE-2018-16011 was reported by Sebastian Apelt and CVE-2018-16018 was found & reported by Abdul Aziz Hariri via Trend Micro’s Zero Day Initiative. Adobe shows gratitude towards these researchers who helped them to detect relevant issues and fix them in an appropriate time period.

LEAVE A REPLY

Please enter your comment!
Please enter your name here