Adobe has released a security update for Adobe Digital Editions. This update resolves critical vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
|Adobe Digital Editions||4.5.9||Windows||3||Download Page|
|Vulnerability Category||Vulnerability Impact||Severity||CVE Numbers|
|Heap overflow||Arbitrary Code Execution||Critical||
|Out of bounds read||Information Disclosure||Important||
|Use after free||Arbitrary Code Execution||Critical||CVE-2018-12822|
Adobe would like to thank Jaanus Kääp of Clarified Security for reporting these issues and for working with Adobe to help protect our customers.