Critical vulnerabilities in Adobe Illustrator
Adobe has released security updates for Illustrator CC and the Experience Manager, plus a bug fix update for the Flash Player.
Adobe provides an update for the Flash Player, but it does not close any security vulnerabilities. There is an update for critical vulnerabilities in Illustrator CC. The weaknesses that were eliminated in Experience Manager, on the other hand, are considered to be less problematic.
In Illustrator CC 2019 all the vulnerabilities were classified as critical, because an attacker could inject and execute code. The update to the new Illustrator CC 2019 24.0.2 version will help.
In Adobe Experience Manager (AEM) 6.0 to 6.5, Adobe closes four security vulnerabilities. Three of the vulnerabilities are considered important, all four could lead to the disclosure of confidential information. Adobe provides service packs for AEM 6.3, 6.4 and 6.5.
According to Adobe, the latest Flash Player 126.96.36.1994 only fixes a few bugs, but no security vulnerabilities. The update is not available for the Flash Player integrated in Edge and Internet Explorer 11 (from Windows 8).
The current Adobe Security Bulletins can be found here.