Adobe recently released a security update that patches an untrusted search path vulnerability in Adobe Connect for Windows in a security bulletin dated May 23. Carrying a priority rating of 3, the discovery of the vulnerability, CVE-2016-4118, was credited to researcher Anand Bhat—affecting earlier versions of add-in installer Connect (versions 9.5.2 and earlier).
The company describes Adobe Connect as a “market-leading web conferencing solution” that empowers corporations and government agencies around the globe to improve webinars, and eLearning by fostering rich interactions. Apart from addressing issues and delivering fixes, version 9.5.3 also included improvements on Connect.
Prior to the rollout, Adobe notes that no exploits of the said vulnerability has been spotted in the wild. The company then recommended users to update their installations to its latest version, 9.5.3, following certain prerequisites, which was hosted by Adobe since May 13th. Customer on-premise deployments were then made available since May 20th. Organizations carrying managed customer-specific cloud deployment are instructed to contact representatives to schedule an update.
The patch follows a recent release of a security update in the middle of this month, addressing a critical Flash Player vulnerability
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.