The update includes a security bypass bug that enables privilege escalation.
Adobe on Monday posted its regularly-scheduled October security update addressing 86 vulnerabilities – more than half of which were critical flaws – in Adobe Acrobat and Reader, its set of services to view, create, and manage PDF files.
Up to 47 of the patches addressed critical vulnerabilities allowing arbitrary code execution. That includes 22 out-of-bounds write flaws, seven critical heap overflow glitches, seven use-after-free bugs, three type confusion bugs, three buffer error bugs, three untrusted pointer dereference flaws and a double free vulnerability.
