Adobe has released security updates for both the Mac and Windows version of Adobe Acrobat and Adobe Reader. These updates fix 47 vulnerabilities classified as critical and 39 that are classified as important.

Of the 47 critical vulnerabilities, 46 of them allow code execution and 1 allows for escalation of privileges. The 39 vulnerabilities that are rated as important allow information disclosure.

The 46 critical vulnerabilities that allow code execution are the most dangerous as they could allow attackers to exploit the vulnerabilities to execute commands on the targeted computer or install malware without the victim's knowledge. Due to this, it is strongly recommended that all users of Adobe Acrobat and Adobe Reader install the latest versions.

To resolve the vulnerabilities, Adobe recommends Acrobat DC and Acrobat Reader DC users upgrade to version 2019.008.20071, Acrobat 2017 and Acrobat Reader DC users upgrade to version 2017.011.30105, and Acrobat DC 2015 and Acrobat Reader DC 2015 upgrade to versions 2015.006.30456.

The full list of patched vulnerabilities are listed below. The organizations or users that discovered these vulnerabilities are listed in the APSB18-30 security bulletin.

CVE-2018-15955, CVE-2018-15954, CVE-2018-15952, CVE-2018-15945, CVE-2018-15944, CVE-2018-15941, CVE-2018-15940, CVE-2018-15939, CVE-2018-15938, CVE-2018-15936, CVE-2018-15935, CVE-2018-15934, CVE-2018-15933, CVE-2018-15929, CVE-2018-15928, CVE-2018-12868, CVE-2018-12865, CVE-2018-12864, CVE-2018-12862, CVE-2018-12861, CVE-2018-12860, CVE-2018-12759, CVE-2018-15956, CVE-2018-15953, CVE-2018-15950, CVE-2018-15949, CVE-2018-15948, CVE-2018-15947, CVE-2018-15946, CVE-2018-15943, CVE-2018-15942, CVE-2018-15932, CVE-2018-15927, CVE-2018-15926, CVE-2018-15925, CVE-2018-15923, CVE-2018-15922, CVE-2018-12880, CVE-2018-12879, CVE-2018-12878, CVE-2018-12875, CVE-2018-12874, CVE-2018-12873, CVE-2018-12872, CVE-2018-12871, CVE-2018-12870, CVE-2018-12869, CVE-2018-12867, CVE-2018-12866, CVE-2018-12859, CVE-2018-12857, CVE-2018-12856, CVE-2018-12845, CVE-2018-12844, CVE-2018-12843, CVE-2018-12839, CVE-2018-12834, CVE-2018-15968,CVE-2018-12851, CVE-2018-12847, CVE-2018-12846, CVE-2018-12837, CVE-2018-12836, CVE-2018-12833, CVE-2018-12832,CVE-2018-15924, CVE-2018-15920, CVE-2018-12877, CVE-2018-12863, CVE-2018-12852, CVE-2018-12831, CVE-2018-12769, CVE-2018-12876, CVE-2018-12858, CVE-2018-12835, CVE-2018-12838 ,CVE-2018-12841, CVE-2018-12881, CVE-2018-12842, CVE-2018-15951, CVE-2018-12855, CVE-2018-12853, CVE-2018-15937, CVE-2018-15931, CVE-2018-15930, and CVE-2018-15966

Related Articles:

Adobe Releases Security Update for Acrobat Vulnerability with Public PoC

Adobe Flash Player Update Released for Remote Code Execution Vulnerability

Adobe Fixes Zero-Day Flash Player Vulnerability Used in APT Attack on Russia

Microsoft October 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities

Apple Fixes Creepy FaceTime Vulnerability, Crash Bug in macOS, and More