Adobe has released a small security update to resolve vulnerabilities in Connect and Reader Mobile.
The tech giant’s standard monthly security release included two advisories; one relating to the Adobe Connect remote conferencing and collaboration tool, and the other to Reader Mobile, a mobile version of the firm’s .PDF document reader and manager.
Adobe’s second security bulletin reveals a fix for CVE-2020-24441, an “important” bug in Reader that relates to improper access control. If exploited by an attacker, this vulnerability can lead to information disclosure.
Adobe thanked researchers Pedro Oliveira, Saulius Pranckevicius, and Shaun Budding for reporting these security issues privately.
Last month, Adobe resolved a single vulnerability in its standard monthly update, a critical code execution issue found in Flash.
TechRepublic: DDoS attacks: How to combat the latest tactics
In related news, Microsoft’s Patch Tuesday security release tackled 112 vulnerabilities, including 24 remote code execution (RCE) bugs and a zero-day flaw currently being exploited in the wild.
On November 9, Adobe announced the purchase of Workfront for $1.5 billion. The marketing firm’s content delivery and analytics solutions are destined to join Adobe’s Experience Cloud platform.
Previous and related coverage
- Adobe releases another out-of-band patch, squashing critical bugs across creative software
- Adobe kills Flash in Acrobat and Reader – pushes out these critical security bug fixes
- Adobe patches Magento bugs that lead to code execution, customer list tampering
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0