A uttermost of 21 vulnerability , let in critical outward-bound spell , use - after - complimentary , quite a little bubble over , buff loser , unreliant Spanish pointer dereference and shelter ring road problem that may be expend for arbitrary software capital punishment , are patch in Acrobat and Reader . The analytic thinking of acrobat and lector vulnerability in Adobe has been accepted by main expert and investigator from Google , tencent , SEFCOM Lab , Cisco , HTBLA Leonding , Baidu , STAR Labs , the Renmin University of China , and Palo Alto Network . In Photoshop CC , Adobe gear up two critical memory subversion blemish that can be utilise in the circumstance of the stream exploiter to fulfil arbitrary code . Adobe repatches a crucial shot flaw establish by Google Project Zero researcher Tavis Ormandy in the beginning code editor program of Brackets . The skilful receive so far to write any selective information , but he will belike practise so in the future yr . Adobe has bushel a substantial perquisite escalation exposure in ColdFusion trip by unsecure familial permit from the default on initiation directory . The society noted that during the installment , user who surveil the lockdown swear out are not affect . Adobe submit that there exist no testify that any of these defect have been victimised in the savage and although some have been classify as “ decisive , ” the precedency evaluation assign to them indicate that the accompany does not ask to enjoyment the defect during attempt . client keep for Acrobat 2015 and Reader 2015 has been recently inform by Adobe on 7 April 2020 , and after that day of the month the merchandise wo n’t obtain any security system darn . The Microsoft Patch Tuesday update for December 2019 cover 36 microbe , admit Windows favour escalation microbe work in Chrome zero - day attempt .