Adobe Releases August Security Update
On August 14th, Adobe officially released the August security update, which fixes multiple vulnerabilities in its products, including Acrobat and Reader, Flash Player, Experience Manage and Creative Cloud Desktop Application.
Vulnerability Overview:
Adobe Flash Player
- Impact version: <= 30.0.0.134
- Unaffected version: 30.0.0.154
Vulnerability Impact | Severity | CVE Number |
Information Disclosure | Important | CVE-2018-12824 |
Security Mitigation Bypass | Important | CVE-2018-12825 |
Information Disclosure | Important | CVE-2018-12826 |
Information Disclosure | Important | CVE-2018-12827 |
Privilege Escalation | Important | CVE-2018-12828 |
Adobe Acrobat and Reader
- Affected version:
Acrobat/Reader DC (Continuous): <= 2018.011.20055Acrobat/Reader 2017: <=2017.011.30096
Acrobat/Reader DC (Classic): <=2015.006.30434
- Unaffected version:
Acrobat/Reader DC (Continuous): 2018.011.20058Acrobat/Reader 2017: 2017.011.30099
Acrobat/Reader DC (Classic): 2015.006.30448
Vulnerability Impact | Severity | CVE Number |
Arbitrary Code Execution | Critical | CVE-2018-12808 |
Arbitrary Code Execution | Critical | CVE-2018-12799 |
Reference link:
https://helpx.adobe.com/security/products/acrobat/apsb18-29.html
Adobe Experience Manager
- Affects Version: Adobe Experience Manager 6.0 – 6.4
- Unaffected version: Please download the corresponding version of the patch to update
6.0: https://helpx.adobe.com/experience-manager/kb/aem6-available-hotfixes.html6.1: https://helpx.adobe.com/experience-manager/aem-releases-updates.html#61
6.2: https://helpx.adobe.com/experience-manager/aem-releases-updates.html#62
6.3: https://helpx.adobe.com/experience-manager/aem-releases-updates.html#63
6.4: https://helpx.adobe.com/experience-manager/aem-releases-updates.html
Vulnerability Impact | Severity | CVE Numbers |
Sensitive Information disclosure | Moderate | CVE-2018-12806 |
Unauthorized Information Modification | Moderate | CVE-2018-12807 |
Sensitive Information disclosure | Moderate | CVE-2018-5005 |
Adobe Creative Cloud Desktop Application
- Affected version:
Creative Cloud Desktop Application (installer) <=4.5.0.324
- Security version:
Creative Cloud Desktop Application (installer) 4.5.5.342
Vulnerability Impact | Severity | CVE Numbers |
Privilege Escalation | Important | CVE-2018-5003 |
Solution
Adobe has released a new version to fix the above vulnerability; users should upgrade in time to protect.
For details and operations, please refer to the official notification link for each product vulnerability section.