This security update resolves a vulnerability in Adobe Digital Editions. This update resolves a critical memory corruption vulnerability that could lead to code execution.
Adobe Digital Editions versions prior to 4.5.0 affecting Windows, Macintosh, iOS and Android
Adobe Digital Editions is prone to one vulnerability. This vulnerability is as follows:
Memory corruption vulnerability that could lead to code execution (CVE-2016-0954).
Successful exploitation of these vulnerabilities could result in an attacker gaining the same privileges as the user running the affected application. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights.
- After appropriate testing, apply applicable patch provided by Adobe to vulnerable systems.
- Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.