A level best of 21 vulnerability , admit vital outward writing , exercise - after - detached , muckle outpouring , buffer store loser , unreliant Spanish pointer dereference and shelter bypass trouble that may be used for arbitrary software program implementation , are spotty in Acrobat and Reader . The analytic thinking of acrobat and reader vulnerability in Adobe has been swallow by mugwump expert and research worker from Google , tencent , SEFCOM Lab , Cisco , HTBLA Leonding , Baidu , STAR Labs , the Renmin University of China , and Palo Alto Network . In Photoshop CC , Adobe pay back two decisive remembering degeneracy flaw that can be apply in the context of use of the flow exploiter to carry through arbitrary write in code . Adobe repatches a important injection defect set up by Google Project Zero investigator Tavis Ormandy in the source code editor program of Brackets . The proficient deliver thus far to release any entropy , but he will in all likelihood behave so in the adjacent year . Adobe has desex a meaning favour escalation exposure in ColdFusion actuate by unsecure genetic permission from the default installment directory . The keep company far-famed that during the instalment , user who keep abreast the lockdown march are not pretend . Adobe say that there equal no certify that any of these defect have been victimised in the idle and although some have been classified advertisement as “ decisive , ” the antecedence military rank portion to them intimate that the companion does not look to usage the fault during plan of attack . client digest for Acrobat 2015 and Reader 2015 has been latterly inform by Adobe on 7 April 2020 , and after that go steady the ware wo n’t find any security measure speckle . The Microsoft Patch Tuesday update for December 2019 plow 36 hemipteran , admit Windows prerogative escalation beleaguer victimised in Chrome zero - daytime onset .