Adobe Releases August Security Update

On August 14th, Adobe officially released the August security update, which fixes multiple vulnerabilities in its products, including Acrobat and Reader, Flash Player, Experience Manage and Creative Cloud Desktop Application.

Vulnerability Overview:

Adobe Flash Player

  • Impact version: <= 30.0.0.134
  • Unaffected version: 30.0.0.154
Vulnerability Impact Severity CVE Number
Information Disclosure Important CVE-2018-12824
Security Mitigation Bypass Important CVE-2018-12825
Information Disclosure Important CVE-2018-12826
Information Disclosure Important CVE-2018-12827
Privilege Escalation Important CVE-2018-12828

Adobe Acrobat and Reader

  • Affected version:
    Acrobat/Reader DC (Continuous): <= 2018.011.20055

    Acrobat/Reader 2017: <=2017.011.30096

    Acrobat/Reader DC (Classic): <=2015.006.30434

  • Unaffected version:
    Acrobat/Reader DC (Continuous): 2018.011.20058

    Acrobat/Reader 2017: 2017.011.30099

    Acrobat/Reader DC (Classic): 2015.006.30448

Vulnerability Impact Severity CVE Number
Arbitrary Code Execution Critical CVE-2018-12808
Arbitrary Code Execution Critical CVE-2018-12799

Reference link:

https://helpx.adobe.com/security/products/acrobat/apsb18-29.html

Adobe Experience Manager

 

Vulnerability Impact Severity CVE Numbers
Sensitive Information disclosure Moderate CVE-2018-12806
Unauthorized Information Modification Moderate CVE-2018-12807
Sensitive Information disclosure Moderate CVE-2018-5005

 

Adobe Creative Cloud Desktop Application

  • Affected version:
    Creative Cloud Desktop Application (installer) <=4.5.0.324
  • Security version:
    Creative Cloud Desktop Application (installer) 4.5.5.342
Vulnerability Impact Severity CVE Numbers
Privilege Escalation Important CVE-2018-5003

Solution

Adobe has released a new version to fix the above vulnerability; users should upgrade in time to protect.

For details and operations, please refer to the official notification link for each product vulnerability section.