Adobe Issues Emergency Patches for Two Critical Flaws in Acrobat and Reader
(Jan 3, 2019)
Adobe released an security patch to address two critically-rated vulnerabilities that affected Acrobat and Reader for both macOS and Windows. The first vulnerability, registered as "CVE-2018-16011," is a use-after-free flaw that could allow for arbitrary code execution by a user clicking into a malicious PDF file that would grant a threat actor privileges of the current logged on user. The second vulnerability, "CVE-2018-19725," is a security bypass flaw that could allow for privilege escalation. The vulnerable systems include Acrobat and Reader DC 2015 version 2015.006.30461 and earlier, 2017 version 2017.011.30110 and earlier, and Continuous version 2019.010.20064 and earlier for the Windows and macOS operating systems.
Recommendation: It is crucial to apply this security update immediately for both Windows and macOS users. Adobe's Patch Tuesday should be expected every month in order to apply the latest security patches to software utilized by your company. In Adobe's case, it is common for new vulnerabilities to be identified quite regularly. Utilizing the automatic update feature in Flash Player is a good mediation step to ensure that your company is always using the most recent version.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.