Adobe had a jumbo-sized May Patch Tuesday that addressed 84 vulnerabilities in just two products, including 48 rated as critical.
The critical issues addressed by Adobe’s advisory were found in Adobe Acrobat and Reader for Windows and macOS and were classified as out-of-bounds write, type confusion, use after free, heap overflow, buffer error, double free and security bypass flaws. All of these can lead to remote code execution, if exploited.
The 36 vulnerabilities rated as important are all centered on an out-of-bounds read issue that could lead to information disclosure, if exploited.
Adobe said that none of the critical or important vulnerabilities are being exploited in the wild. Patches are available and should download automatically.
Flash Player was not included this month, but did receive a
patch in April.
Gloss