Adobe released the Patch Tuesday, this month it only addressed a moderate severity regression issue affecting Flash Player tracked as CVE-2017-11305.

It was a poor Patch Tuesday this month for Adobe that only addressed a moderate severity regression issue affecting Flash Player tracked as CVE-2017-11305.

The vulnerability was described as a “business logic error,” that can cause the unintended reset of the global settings preference file.

“Adobe has released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. This update addresses a regression that could lead to the unintended reset of the global settings preference file.” reads the Adobe Security Bulletin.

According to the company, there is no evidence of exploitation in the wild.

The regression issue affects version 27.0.0.187 and earlier of Flash Player on Windows, Mac, Linux and Chrome OS. Adobe patched the flaw with the release of version 28.0.0.126. Microsoft has also updated the Flash Player components used by its software in order to address this issue.

In November, Adobe addressed a total of 80 vulnerabilities across 9 products, most of which for Acrobat and Reader, including dozens of RCE issues.

Pierluigi Paganini

(Security Affairs – Adobe Adobe Flash, hacking)

Share this...

Linkedin Reddit Pinterest

Share On