Adobe Releases May’s Security Updates Threat Alert

Adobe Releases May’s Security Updates Threat Alert

May 30, 2019 | Adeline Zhang

Overview

On May 14, 2019, local time, Adobe officially released May’s security updates to fix multiple vulnerabilities in its various products, including Adobe Flash Player, Adobe Acrobat and Reader, and Media Encoder.

For details about the security bulletins and advisories, visit the following link:

https://helpx.adobe.com/security.html

Fixed Vulnerabilities

Adobe Flash Player

Adobe has released security updates for Adobe Flash Player that address a vulnerability listed in the following table:

Vulnerability Impact Severity Level CVE ID
Arbitrary Code Execution Critical CVE-2019-7837
  • Affected versions:

Adobe Flash Player <= 32.0.0.171

  • Unaffected versions:

Adobe Flash Player 32.0.0.192

For details on vulnerability impact and remediation, refer to the security bulletin at the following link:

https://helpx.adobe.com/security/products/flash-player/apsb19-26.html

Adobe Acrobat and Reader

Adobe has released security updates for Adobe Flash Player that address multiple vulnerabilities listed in the following table:

Vulnerability Impact Severity Level CVE ID
Information Disclosure Important CVE-2019-7841

CVE-2019-7836

CVE-2019-7826

CVE-2019-7819

CVE-2019-7813

CVE-2019-7812

CVE-2019-7811

CVE-2019-7810

CVE-2019-7803

CVE-2019-7802

CVE-2019-7801

CVE-2019-7799

CVE-2019-7798

CVE-2019-7795

CVE-2019-7794

CVE-2019-7793

CVE-2019-7790

CVE-2019-7789

CVE-2019-7787

CVE-2019-7780

CVE-2019-7778

CVE-2019-7777

CVE-2019-7776

CVE-2019-7775

CVE-2019-7774

CVE-2019-7773

CVE-2019-7771

CVE-2019-7770

CVE-2019-7769

CVE-2019-7758

CVE-2019-7145

CVE-2019-7144

CVE-2019-7143

CVE-2019-7142

CVE-2019-7141

CVE-2019-7140

Arbitrary Code Execution Critical CVE-2019-7829

CVE-2019-7825

CVE-2019-7822

CVE-2019-7818

CVE-2019-7804

CVE-2019-7800

CVE-2019-7820

CVE-2019-7835

CVE-2019-7834

CVE-2019-7833

CVE-2019-7832

CVE-2019-7831

CVE-2019-7830

CVE-2019-7823

CVE-2019-7821

CVE-2019-7817

CVE-2019-7814

CVE-2019-7809

CVE-2019-7808

CVE-2019-7807

CVE-2019-7806

CVE-2019-7805

CVE-2019-7797

CVE-2019-7796

CVE-2019-7792

CVE-2019-7791

CVE-2019-7788

CVE-2019-7786

CVE-2019-7785

CVE-2019-7783

CVE-2019-7782

CVE-2019-7781

CVE-2019-7772

CVE-2019-7768

CVE-2019-7767

CVE-2019-7766

CVE-2019-7765

CVE-2019-7764

CVE-2019-7763

CVE-2019-7762

CVE-2019-7761

CVE-2019-7760

CVE-2019-7759

CVE-2019-7828

CVE-2019-7827

CVE-2019-7824

CVE-2019-7784

CVE-2019-7779

 

For details on vulnerability impact and remediation, refer to the security bulletin at the following link:

https://helpx.adobe.com/security/products/acrobat/apsb19-18.html

Adobe Media Encoder

Adobe has released security updates for Adobe Media Encoder that address two vulnerabilities listed in the following table:

Vulnerability Impact Severity Level CVE ID
Remote Code Execution Critical CVE-2019-7842
Information Disclosure Important CVE-2019-7844

 

  • Affected versions:

Adobe Media Encoder 13.0.2

  • Unaffected versions:

Adobe Media Encoder 13.1

For details on vulnerability impact and remediation, refer to the security bulletin at the following link:

https://helpx.adobe.com/security/products/media-encoder/apsb19-29.html

Solution

Adobe has officially released security updates to fix the preceding vulnerabilities. Users are advised to upgrade their installation to the latest version as soon as possible.

For vulnerability details and remediation, please visit the preceding security bulletin links.

Statement

This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.

About NSFOCUS

NSFOCUS IB is a wholly owned subsidiary of NSFOCUS, an enterprise application and network security provider, with operations in the Americas, Europe, the Middle East, Southeast Asia and Japan. NSFOCUS IB has a proven track record of combatting the increasingly complex cyber threat landscape through the construction and implementation of multi-layered defense systems. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide unified, multi-layer protection from advanced cyber threats.

For more information about NSFOCUS, please visit:

https://www.nsfocusglobal.com.

NSFOCUS, NSFOCUS IB, and NSFOCUS, INC. are trademarks or registered trademarks of NSFOCUS, Inc. All other names and trademarks are property of their respective firms.