Adobe has released a small security update to resolve vulnerabilities in Connect and Reader Mobile.
The tech giant’s standard monthly security release included two advisories; one relating to the Adobe Connect remote conferencing and collaboration tool, and the other to Reader Mobile, a mobile version of the firm’s .PDF document reader and manager.
See also: Adobe to buy marketing software firm Workfront for $1.5 billion
Adobe’s second security bulletin reveals a fix for CVE-2020-24441, an “important” bug in Reader that relates to improper access control. If exploited by an attacker, this vulnerability can lead to information disclosure.
CNET: Ex-Microsoft engineer gets 9-year prison sentence for fraud scheme
Adobe thanked researchers Pedro Oliveira, Saulius Pranckevicius, and Shaun Budding for reporting these security issues privately.
Last month, Adobe resolved a single vulnerability in its standard monthly update, a critical code execution issue found in Flash.
The company also released two out-of-band releases in October to fix critical security flaws in software including Magento, Photoshop, Illustrator, and InDesign. (1,2)
TechRepublic: DDoS attacks: How to combat the latest tactics
In related news, Microsoft’s Patch Tuesday security release tackled 112 vulnerabilities, including 24 remote code execution (RCE) bugs and a zero-day flaw currently being exploited in the wild.
On November 9, Adobe announced the purchase of Workfront for $1.5 billion. The marketing firm’s content delivery and analytics solutions are destined to join Adobe’s Experience Cloud platform.
Previous and related coverage
- Adobe releases another out-of-band patch, squashing critical bugs across creative software
- Adobe kills Flash in Acrobat and Reader – pushes out these critical security bug fixes
- Adobe patches Magento bugs that lead to code execution, customer list tampering
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0