Adobe Flash Player and Experience Manager

Adobe released security updates for Adobe Flash Player for Windows, Mac, Linux, and Chrome operating systems that address seven critical remote code execution vulnerabilities, CVE-2017-3068CVE-2017-3069CVE-2017-3070CVE-2017-3071CVE-2017-3072CVE-2017-3073, and CVE-2017-3074, that allow a malicious actor to take control of the affected system. A second security update for Adobe Experience Manager for Windows, Linux, Solaris, and AIX addresses an information disclosure vulnerability, CVE-2017-3067, that results from abuse of the pre-population service in AEM Forms and could allow unauthorized access to information. The NJCCIC recommends all users and administrators review the Adobe Security Bulletins for Adobe Flash Player and Adobe Experience Manager and apply the necessary updates.