February 2019 Patch Tuesday – Adobe Updates

Coming off the heels of February 2019’s Patch Tuesday, Adobe has discovered and patched another critical vulnerability impacting Adobe Reader and Acrobat. The latest exploit can allow hackers to access sensitive information about the current user.

The vulnerability, listed as CVE-2019-7815, addresses a bypass discovered in another Adobe patch released on Patch Tuesday – CVE 2019-7089. The impact of CVE-2019-7815 can be dramatic, as it affects both Windows and macOS systems.

Impacted Adobe products include Acrobat DC, 2017, and 2015, as well as Acrobat Reader DC, 2017, and 2015. Even if you patched Reader and Acrobat on the most recent Patch Tuesday, you will need to immediately patch again to stay secure.

Lessons Learned

The security community and malicious actors alike will always look for ways to break functionality and manipulate code to access systems. This not only makes systems more secure, but also guarantees that new patches will be issued frequently.

The biggest lesson from this Patch Tuesday revision is that patching early and often is the best way to prevent an exploit. Vendors, including Windows and Adobe, will release critical patches outside of their regular schedule if they are severe enough. That means that just patching once a month or even weekly may not catch critical changes fast enough. The more automated and comprehensive your patching strategy, the more secure your infrastructure can be.

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.