Adobe has released 48 critical security updates, subjects include Acrobat and Acrobat Reader, Photoshop CC etc.

A total of 48 critical security updates have been released, including the security vulnerabilities present in Adobe's Acrobat, Acrobat Reader, and part of Photoshop CC.

Security updates available for Adobe Acrobat and Reader | APSB 18 - 09 Adobe Security Bulletin
https://helpx.adobe.com/security/products/acrobat/apsb18-09.html

Security updates available for Adobe Photoshop CC | APSB 18-17 Adobe Security Bulletin
https://helpx.adobe.com/security/products/photoshop/apsb18-17.html

Adobe Releases Critical Security Updates for Acrobat, Reader and Photoshop CC
https://thehackernews.com/2018/05/adobe-security-patch-update.html

Acrobat-type applications targeted for security update include 6 types including Acrobat DC, Acrobat Reader DC, Acrobat 2017, Acrobat Reader 2017 and others. Both include applications on both Windows and macOS platforms.


The known problems are "Double Free" of memory whose memory is doubly released, "Heap Overflow" where data overflows from dynamically secured memory area, re-attack against released memory 11 such as "Use-after-free" etc. It is a vulnerability that can execute arbitrary code and security bypass if it exploits it.


Regarding Photoshop, it covers Photoshop CC 2018 and Photoshop CC 2017.


The vulnerability that has been confirmed is "out-of-bounds write" in which data is written to memory outside the area, and the urgency is "critical".


Whether the target application is included in the target can be checked by clicking "Check for Updates" from the "Help" menu of the application.


If there is an update, it is OK if you click the button such as "download and install" and proceed.


According to Adobe, the priority of this update is "3", and it is said that attacks that actually vulnerable to this vulnerability have not been done so far. However, we recommend that users update as soon as possible.