Adobe patches Business Logic error in Flash

0
131

0

In a rare turn of events, Adobe has only needed to resolve one vulnerability during December’s Patch Tuesday.

screen-shot-2017-12-13-at-08-41-17.jpg

According to the tech giant’s security advisory, the lone “Business Logic error” bug, CVE-2017-11305, is a moderately dangerous vulnerability.

“This update addresses a regression that could lead to the unintended reset of the global settings preference file,” Adobe says.

The vulnerability impacts Adobe Flash and Adobe Flash for Google Chrome on Windows, Mac, Linux and Chrome OS, as well as Adobe Flash for Microsoft Edge and Internet Explorer 11 on Windows 8.1 and 10.

Granted a priority rating of 2, Adobe has not received reports of the vulnerability being exploited in the wild.

See also: Adobe accidentally releases private PGP key

In November, Adobe patched 67 vulnerabilities, many of them critical. The bugs impacted Adobe Flash, Acrobat, and Reader, as well as other software.

In total, five vulnerabilities were fixed in Flash, all of which were deemed critical. The out-of-bounds read and use-after-free security flaws, if exploited, could lead to remote code execution.

Cross-site scripting (XSS) vulnerabilities, type confusion issues, buffer problems, and memory corruption vulnerabilities were also fixed in other software.

In the same Patch Tuesday, Microsoft issued fixes for over 30 vulnerabilities in software including the Microsoft Windows operating system, Microsoft Office, Exchange Server, and Microsoft Edge.

More security news

Yes, that Netflix tweet is creepy — and raises serious privacy questions

New Spider ransomware threatens to delete your files if you don’t pay within 96 hours

Google Project Zero ‘tpf0’ exploit whets appetite for iOS 11 jailbreak

Ransomware’s bitcoin problem: How price surge means a headache for crooks

Previous and related coverage

Adobe accidentally releases private PGP key Adobe Lightroom adds AI, machine learning for better auto settings Microsoft, Adobe advance partnership with new cross-cloud productivity integrations

Related Topics:

Security TV

Data Management

CXO

Data Centers

0