Adobe has released patches for a series of vulnerabilities in its product line, including Photoshop, Illustrator, Flash Professional and Shockwave. Several of the vulnerabilities can be used to take complete control of affected machines.
The highest-priority vulnerabilities among those patched Tuesday is a group of five flaws in Shockwave that can be used to run malicious code on vulnerable machines. The update applies to both Windows and Mac machines and Adobe is recommending that users upgrade to version 11.6.5.635. The Shockwave bugs are rated as a priority 2.
The other vulnerabilities that Adobe fixed today are all rated priority 3, including:
- Five vulnerabilities in Illustrator. Adobe released a security upgrade for Adobe Illustrator CS5.5 and earlier for Windows and Macintosh. This upgrade addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.
- Two vulnerabilities in Photoshop. Adobe released a security upgrade for Adobe Photoshop CS5.5 and earlier for Windows and Macintosh. This upgrade addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.
- One vulnerability in Flash Professional. Adobe released a security upgrade for Adobe Flash Professional CS5.5 (11.5.1.349) and earlier for Windows and Macintosh. This upgrade addresses a vulnerability that could allow an attacker who successfully exploits this vulnerability to take control of the affected system.
The bug patched in Flash Professional today is separate from the one that Adobe patched in Flash last week, which is being used in targeted attacks right now.