Security fixes released for Adobe Acrobat and Reader

Security fixes released for Adobe Acrobat and Reader

Hello everyone,

 
Adobe has released security updates for Acrobat and Reader for Windows and macOS. Most of the updates are rated 'critical' and 'important'. Successful exploitation of these vulnerabilities could lead to arbitrary code execution in the context of the current user. The affected versions are as follows:

 

  • Acrobat DC Continuous  -  2020.009.20074 and earlier versions  

  • Acrobat Reader DC Continuous - 2020.009.20074 and earlier versions 

  • Acrobat 2017 Classic 2017  - 2017.011.30171 and earlier versions       

  • Acrobat Reader 2017 Classic 2017 - 2017.011.30171 and earlier versions          

  • Acrobat 2015  Classic 2015 - 2015.006.30523 and earlier versions    

  •  Acrobat Reader 2015 Classic 2015 - 2015.006.30523 and earlier versions


  CVE ID
  Vulnerability
  Impact 
  Severity
  CVE-2020-9697
  Disclosure of Sensitive Data
  Memory Leak
  Important
  CVE-2020-9714
  Security bypass 
  Privilege Escalation 
  Important
  CVE-2020-9693
  CVE-2020-9694
  Out-of-bounds write
  Arbitrary Code Execution
  Critical
  CVE-2020-9696
  CVE-2020-9712
  Security bypass
  Security feature bypass
  Critical
  CVE-2020-9702
  CVE-2020-9703
  Stack exhaustion
  Application denial-of-service
  Important
  CVE-2020-9723
  CVE-2020-9705
  CVE-2020-9706
  CVE-2020-9707
  CVE-2020-9710
  CVE-2020-9716
  CVE-2020-9717
  CVE-2020-9718
  CVE-2020-9719
  CVE-2020-9720
  CVE-2020-9721
  Out-of-bounds read
   Information disclosure
  Important
  CVE-2020-9698
  CVE-2020-9699
  CVE-2020-9700
  CVE-2020-9701
  CVE-2020-9704
  Buffer error
  Arbitrary Code Execution 
  Critical
  CVE-2020-9715
  CVE-2020-9722
  Buffer error
  Arbitrary Code Execution       
  Critical


To patch these vulnerabilities, initiate a sync between the Central Patch Repository and Patch Manager Plus server. Search for the following Patch IDs or Bulletin IDs and install them in your target systems

  Patch ID
  Bulletin ID
  Patch Description
  315459
  TU-753
 Adobe Acrobat 2017 Pro and Standard (Acrobat 2017 Track) update - All     languages (17.011.30175) (APSB20-48)
  315460
  TU-135
 Adobe Acrobat DC Pro and Standard (Classic Track) update - All languages   (15.006.30527) (APSB20-48)
  315461
  TU-137
 Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages   (20.012.20041) (APSB20-48)
  315462
  TU-754
 Adobe Acrobat Reader 2017 MUI (Classic Track) (17.011.30175) (APSB20-48)
  315463
  TU-072
 Adobe Acrobat Reader DC (Continuous Track) update - All languages   (20.012.20041) (APSB20-48)
  315464
  TU-073
 Adobe Acrobat Reader MUI DC (Continuous Track) update - All languages   (20.012.20041) (APSB20-48)
  315465
  TU-136
 Adobe Acrobat Reader MUI DC (Classic Track) update - All languages   (15.006.30527) (APSB20-48)


Cheers, 


The ManageEngine Team