Adobe Patches Critical Flaw Twice in One Week
In a matter of days, Adobe has patched a critical information disclosure flaw in Reader twice.
Adobe has been tripping over its own patches this week.
After its original fix failed, Adobe has issued yet another patch for a critical zero-day vulnerability in its Acrobat Reader. The previous vulnerability (CVE-2019-7089) was resolved last week in Adobe’s February 12 patch release. It was described as a sensitive data leak issue which can lead to information disclosure when exploited.
Cure53 researcher, Alex Inführ, originally reported the zero-day vulnerability in Adobe Reader. The exploit could permit attackers to steal victims’ hashed password values, known as “NTLM hashes.”
Despite an embarrassing few days, Adobe has issued a second patch (CVE-2019-7815) that will hopefully resolve the issue. This should serve as a reminder for the importance of third-party patching—ensure you never miss an update with Syxsense.
Start a Free Trial
Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
