Sårbarheter i produkter fra Adobe

Publisert: 22.11.2017

NorCERT ønsker å informere om at Adobe har sluppetsikkerhetsoppdateringer til flere av sine produkter.

Noen av sårbarhetene regnes som kritiske.


Sårbare produkter
- ------------------
  - Adobe Flash Player for Windows, macOS, Linux og Chrome OS [1] 
  - Adobe Photoshop CC for Windows og Mac [2] 
  - Adobe Connect [3] 
  - Adobe Acrobat and Reader for Windows og Mac [4]
  - Adobe DNG Converter for Windows [5]
  - Adobe InDesign CC for Windows og Mac [6]
  - Adobe Digital Editions for Windows, Macintosh, iOS og Android [7]
  - Adobe Shockwave Player for Windows [8]
  - Adobe Experience Manager [9]


CVE referanser
- --------------
CVE-2017-3112, CVE-2017-3114, CVE-2017-11213, CVE-2017-11215, CVE-2017-11225, 
CVE-2017-11303, CVE-2017-11304, CVE-2017-11291, CVE-2017-11287, CVE-2017-11288, 
CVE-2017-11289, CVE-2017-11290, CVE-2017-16377, CVE-2017-16378, CVE-2017-16360, 
CVE-2017-16388, CVE-2017-16389, CVE-2017-16390, CVE-2017-16393, CVE-2017-16398, 
CVE-2017-16381, CVE-2017-16385, CVE-2017-16392, CVE-2017-16395, CVE-2017-16396, 
CVE-2017-16363, CVE-2017-16365, CVE-2017-16374, CVE-2017-16384, CVE-2017-16386, 
CVE-2017-16387, CVE-2017-16368, CVE-2017-16383, CVE-2017-16391, CVE-2017-16410, 
CVE-2017-16362, CVE-2017-16370, CVE-2017-16376, CVE-2017-16382, CVE-2017-16394, 
CVE-2017-16397, CVE-2017-16399, CVE-2017-16400, CVE-2017-16401, CVE-2017-16402, 
CVE-2017-16403, CVE-2017-16404, CVE-2017-16405, CVE-2017-16408, CVE-2017-16409, 
CVE-2017-16412, CVE-2017-16414, CVE-2017-16417, CVE-2017-16418, CVE-2017-16420, 
CVE-2017-11293, CVE-2017-16407, CVE-2017-16413, CVE-2017-16415, CVE-2017-16416, 
CVE-2017-16361, CVE-2017-16366, CVE-2017-16369, CVE-2017-16380, CVE-2017-16419, 
CVE-2017-16367, CVE-2017-16379, CVE-2017-16406, CVE-2017-16364, CVE-2017-16371, 
CVE-2017-16372, CVE-2017-16373, CVE-2017-16375, CVE-2017-16411, CVE-2017-11295, 
CVE-2017-11302, CVE-2017-11273, CVE-2017-11297, CVE-2017-11298, CVE-2017-11299, 
CVE-2017-11300, CVE-2017-11301, CVE-2017-11294, CVE-2017-3109


Anbefalinger
- -------------
NorCERT anbefaler å patche berørte klienter så fort det lar seg gjøre.


Utnyttelse
- -----------
NorCERT er ikke kjent med aktiv utnyttelse av disse sårbarhetene i Norge eller 
andre land.


NorCERT-pulsen
- ---------------
NorCERT-pulsen er på nivå 2 grunnet sårbarheter i mye brukte produkter 
fra Microsoft.


Med vennlig hilsen,
NSM NorCERT Operasjonssenter


Referanser
- -----------
[1] https://helpx.adobe.com/security/products/flash-player/apsb17-33.html
[2] https://helpx.adobe.com/security/products/photoshop/apsb17-34.html
[3] https://helpx.adobe.com/security/products/connect/apsb17-35.html
[4] https://helpx.adobe.com/security/products/acrobat/apsb17-36.html
[5] https://helpx.adobe.com/security/products/dng-converter/apsb17-37.html
[6] https://helpx.adobe.com/security/products/indesign/apsb17-38.html
[7] https://helpx.adobe.com/security/products/Digital-Editions/apsb17-39.html
[8] https://helpx.adobe.com/security/products/shockwave/apsb17-40.html
[9] https://helpx.adobe.com/security/products/experience-manager/apsb17-41.html