Security Bulletins Posted

Adobe has published security bulletins for Adobe RoboHelp (APSB17-25), Adobe Flash Player (APSB17-28) and ColdFusion (APSB17-30). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.

This posting is provided “AS IS” with no warranties and confers no rights.

Update to Security Bulletin (APSB17-24)

The Security Bulletin (APSB17-24) published on August 8 regarding updates for Adobe Acrobat and Reader has been updated to reflect the availability of new updates as of August 29.

The August 29 updates resolve a functional regression with XFA forms functionality that affected some users, as well as provide a resolution to security vulnerability CVE-2017-11223.  This CVE was originally addressed in the August 8 updates (versions 2017.012.20093, 2017.011.30059 and 2015.006.30352). Due to a functional regression in those releases, optional hotfixes [0,1,2] were offered to affected customers that temporarily reverted the fix for CVE-2017-11223. The August 29 releases resolve both the functional regression and provide a fix for CVE-2017-11223.

At this time, Adobe is not aware of exploits in the wild for CVE-2017-11223, or any of the other issues addressed in the August 8 or August 29 releases.

References:

[0] Hotfix for 2017.012.20093

[1] Hotfix for 2017.011.30059

[2] Hotfix for 2015.006.30352

This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletins Posted

Adobe has published security bulletins for Adobe Flash Player (APSB17-23), Adobe Acrobat and Reader (APSB17-24), Adobe Experience Manager (APSB17-26) and Adobe Digital Editions (APSB17-27). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.

This posting is provided “AS IS” with no warranties and confers no rights.

Upcoming Security Updates for Adobe Reader and Acrobat (APSB17-24)

A prenotification Security Advisory has been posted regarding upcoming Adobe Reader and Acrobat updates scheduled for Tuesday, August 8, 2017.

We will continue to provide updates on the upcoming release via the Security Advisory as well as the Adobe PSIRT blog.

This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletins posted for Adobe Flash Player and Adobe Connect

Adobe has published security bulletins for Adobe Flash Player (APSB17-21) and Adobe Connect (APSB17-22). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.

This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletins posted

Adobe has published security bulletins for Adobe Flash Player (APSB17-17), Adobe Shockwave Player (APSB17-18), Adobe Captivate (APSB17-19) and Adobe Digital Editions (APSB17-20). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.

This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletin posted for Adobe Flash Player and Adobe Experience Manager Forms

Adobe has published security bulletins for Adobe Flash Player (APSB17-15) and Adobe Experience Manager Forms (APSB17-16). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.

This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletin Posted for ColdFusion (APSB17-14)

Adobe has published a Security Bulletin (APSB17-14) announcing the availability of hotfixes for ColdFusion versions 2016, 11 and 10. These hotfixes resolve an input validation issue that could be used in reflected XSS (cross-site scripting) attacks (CVE-2017-3008). These hotfixes also include an updated version of Apache BlazeDS to mitigate java deserialization (CVE-2017-3066). Adobe recommends customers apply the relevant hotfix to their product installation using the instructions referenced in the security bulletin.

 

This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletins posted

Adobe has published security bulletins for Adobe Campaign (APSB17-09), Adobe Flash Player (APSB17-10), Adobe Acrobat and Reader (APSB17-11), Adobe Photoshop (APSB17-12) and the Creative Cloud Desktop Application (APSB17-13). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.

This posting is provided “AS IS” with no warranties and confers no rights.

Upcoming Security Updates for Adobe Acrobat and Reader (APSB17-11)

A prenotification Security Advisory (APSB17-11) has been posted regarding upcoming releases for Adobe Acrobat and Reader scheduled for Tuesday, April 11, 2017.

We will continue to provide updates on the upcoming releases via the Security Advisory as well as the Adobe PSIRT blog.

This posting is provided “AS IS” with no warranties and confers no rights.