Adobe Releases Security Update For Adobe Reader For Android

Adobe has released security updates to address vulnerabilities classified as ‘Important’ in Adobe Reader for Android and Adobe Connect.

In total, the company fixed three security vulnerabilities with their November security patch Tuesday releases, which is a far lower number than usual.

Adobe advises all customers to update the vulnerable products to the latest versions as soon as possible to block attacks that could attempt to exploit unpatched installations.

APSB20-69 Security update available for Adobe Connect

Adobe has released a security update for Adobe Connect that fixes two cross-site scripting vulnerabilities that could cause a visitor’s browser to run malicious JavaScript.

Also Read: 15 Best Tools For Your Windows 10 Privacy Settings Setup

“These updates address reflected cross-site scripting vulnerabilities rated important.  Successful exploitation could lead to arbitrary JavaScript execution within the context of the victim’s browser,” Adobe’s bulletin warns.

Vulnerability Category	Vulnerability Impact	Severity	CVE Number
Reflected cross-site scripting	Arbitrary JavaScript execution in the browser	Important	CVE-2020-24442CVE-2020-24443

Users are advised to install Adobe Connect 11.0.5 to resolve these vulnerabilities.

APSB20-71 Security update available for Adobe Reader for Android

This update fixes an information disclosure vulnerability in Adobe Reader for Android.

“This update addresses an important vulnerability. Successful exploitation could lead to information disclosure in the context of the current user,” the Adobe bulletin explains.

Also Read: How Singapore Cybersecurity Masterplan 2020 Is Formidable

Vulnerability Category	Vulnerability Impact	Severity	CVE Numbers
Improper access control	Sensitive information disclosure	Important	CVE-2020-24441

Android users are advised to install Adobe Reader Mobile 20.9.0 to fix this vulnerability.