View All Alerts & Outages

Critical Security Updates for Digital Editions, Experience Manager, Framemaker and Adobe Technical Communication Suite on October 9, 2018

On October 9, 2018, Adobe released security updates for:

  • Adobe Digital Editions[1]
  • Adobe Experience Manager[2]
  • Adobe Framemaker[3]
  • Adobe Technical Communications Suite[4]

These vulnerabilities can lead to privilege escalation, arbitrary code execution, sensitive information disclosure, and unauthorized information modification, and should be remediated as quickly as possible.

Systems managed by ISC's IBM Endpoint Manager ("BigFix") can expect to be patched for this vulnerability shortly. Systems administrators of other endpoint management solutions are strongly encouraged to push this patch to their deployments.

For users in unmanaged environments, ISC strongly recommends configuring the software to use Adobe's automatic update for Flash Player.  Available for both Windows and macOS, this update check can be configured to either alert the user to the availability of an update or to automatically install any available Flash Player update.  The settings can be found in these locations:

  • Windows: Click Start > Settings > Control Panel > Flash Player
  • macOS: System Preferences > Flash Player (note: under "Other")

Both Google Chrome (on Windows and macOS) and Internet Explorer 11 (on Windows 10/8.x) manage and update their Flash Player instances from within the browser.  Windows 7 users of Internet Explorer 11 must manually download and install the plug-in for Flash Player. All web browsers should be restarted following the update.

Adobe notes that users who selected the option to 'Allow Adobe to install updates' will receive the update automatically. Users who do not have the 'Allow Adobe to install updates' option enabled can install the update via the update mechanism within the product when prompted.

To download the latest version of Flash Player manually:

https://get.adobe.com/flashplayer/

To download the latest version of Acrobat Reader manually:

http://get.adobe.com/reader

For more information about these security bulletins:

[1]https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html

[2]https://helpx.adobe.com/security/products/experience-manager/apsb18-36.html

[3]https://helpx.adobe.com/security/products/framemaker/apsb18-37.html

[4]https://helpx.adobe.com/security/products/techcommsuite/apsb18-38.html