ISC Stormcast For Tuesday, March 8th 2016 http://isc.sans.edu/podcastdetail.html?id=4899

Critical Adobe Updates - March 2016

Published: 2016-03-08
Last Updated: 2016-03-08 21:38:19 UTC
by Rick Wanner (Version: 1)
4 comment(s)

Adobe has released updates for Acrobat and Acrobat Reader versions to address "critical vulnerabilities that could potentially allow an attacker to take control of the affected system".

According to Adobe, there are three CVE's fixed in these updates. CVE-2016-1007 and CVE-2016-1009 refer to memory corruption issues that could permit code execution.   CVE-2016-1008 refers to a resource directory search path issue that could also lead to code execution.

Both of these sound serious enough to warrant updating as soon as reasonable.

Further information can be found at:

https://helpx.adobe.com/security/products/reader/apsb16-09.html

https://helpx.adobe.com/acrobat/kb/known-issues-acrobat-dc-reader.html

http://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotes/index.html

http://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotes/11/11.0.15.html#elevenzerozerofifteen

 

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Keywords: acrobat Adobe
4 comment(s)

March 2016 Microsoft Patch Tuesday

Published: 2016-03-08
Last Updated: 2016-03-08 18:52:03 UTC
by Alex Stanford (Version: 1)
22 comment(s)

https://isc.sans.edu/mspatchdays.html?viewday=2016-03-08

-- 
Alex Stanford - GIAC GWEB & GSEC,
Research Operations Manager,
SANS Internet Storm Center
/in/alexstanford

Keywords:
22 comment(s)

Comments


Diary Archives