Other Patch Tuesday Updates (Adobe, Apple)
Adobe released two bulletins today:
APSB13-24: Security update for RoboHelp
http://www.adobe.com/support/security/bulletins/apsb13-24.html
I don't remember seeing a pre-anouncement for this one. The update fixes an arbitrary code execution vulnerability (CVE-2013-5327) . Robohelp is only available for Window.
APSB13-25: Security update for Adobe Acrobat and Adobe Reader
http://www.adobe.com/support/security/bulletins/apsb13-25.html
This update fixes a problem that was introduced in a recent update and effects Javascript security controls. As a result, only version 11.0.4 appears affected, no earlier versions. Only the Windows version of these Adobe tools are affected.
Apple released iTunes 11.1.1 today. The respective security page has not yet been updated, but expect a link to the security content of this update within the next day or so. http://support.apple.com/kb/HT1222 . This update only affects Windows. Patches for iTunes on OS X are usually released as part of OS X updates.
Did I miss any?
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Comments
Anonymous
Oct 9th 2013
1 decade ago
http://helpx.adobe.com/en/flash-player/release-note/fp_119_air_39_release_notes.html
via
http://www.adobe.com/support/documentation/en/flashplayer/releasenotes.html
Anonymous
Oct 9th 2013
1 decade ago
http://get.adobe.com/air/
*****
Security update released for RoboHelp
Security update available for RoboHelp
Release date: October 8, 2013
Vulnerability identifier: APSB13-24
Priority: See table below
CVE number: CVE-2013-5327
Adobe has released a security update for RoboHelp 10 on the Windows operating system. This update addresses a vulnerability that could allow an attacker, who successfully exploits this vulnerability, to run malicious code on the affected system. Adobe recommends users of RoboHelp 10 apply the solution using the instructions provided in the "Solution" section below.
Affected software versions
RoboHelp 10 for Windows
Solution
Adobe recommends users of RoboHelp 10 apply the fix using the instructions below:
Backup the MDBMS.dll file:
1. Browse to the RoboHTML folder - the default location is %ProgramFiles%\Adobe\RoboHelp 10\RoboHTML\
2. Rename MDBMS.dll to MDBMS.old
Install the update:
1. Download the APSB13-24.zip file
2. Move MDBMS.dll from the extracted location to %ProgramFiles%\Adobe\RoboHelp 10\RoboHTML\
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2013-5327).
*****
iTunes 11.1.1 was actually released by Apple on 10/04/13
Anonymous
Oct 9th 2013
1 decade ago