Adobe XD has too define two exposure , the CVE-2019 - 7105 and the CVE-2019 - 7106 , which can guide to the death penalty of arbitrary code . A totality of seven wicked security measures defect were as well handle in Adobe ’s tardy assault of Shockwave spot update . The pester could be utilise to leakage spiritualist information if the Server Message Block ( SMB ) communications protocol are subject to relay lash out within the computer software . Adobe Acrobat and Reader received a important Patch update on Tuesday . CVE-2019 - 7107 has been patch up for InDesign . Adobe has exhaust a major mend security department update for unlike software program root to work out a bit of decisive and authoritative tap . On Tuesday , Adobe Bridge CC , Adobe Experience Manager Forms , InDevelopment , Adobe XD , Adobe Dreamweaver , Adobe Shockwave Player , Adobe Flash Player , Adobe Acrobat , and Reader were update on the security newssheet of the Tech Giant . CVE-2019 - 7129 , a hybridization - web site ( XSS ) script job in Adobe Experience Manager spring , has also been fasten by Adobe . The critical bug was imputable to dangerous hyperlink action , which in the flow user circumstance could resultant in arbitrary write in code performance . In Adobe Bridge CC a CVE-2019 - 7132 spate overrun bug was patched which may jumper cable to remote control cypher execution and a CVE-2019 - 7132 out – of - trammel compose nonstarter that can be utilize for the same propose . The Adobe Dreamweaver was likewise feign by a tone down security defect , CVE-2019 - 7097 . SAP besides hold a mend on Tuesday , resolving a serial publication of problem that could moderate to revealing , parody and get around of the authority . Microsoft besides unloose a quite a little of temporary hookup on Tuesday to answer 74 security system trouble . badger that were answer let in two zero - daytime prerogative escalation exposure impact Win32k , Microsoft Office Access Connectivity write in code capital punishment defect , and Windows GDI+ remote inscribe exposure . The certificate update also resolve six intercept in the computer software to reveal entropy . If put-upon by aggressor , sore information can be leak out . A entire of 21 security measure come forth have been answer , 10 of which may be apply to bring out entropy and 11 beleaguer for arbitrary murder . drug user are urge to assume machine rifle update for their computer software to extenuate the hazard of victimisation . Adobe Flash harness significant and vital vulnerability : CVE-2019 - 7108 and CVE-2019 - 7096 . All of these intercept — CVE-2019 - 7098 , CVE-2019 - 7099 , CVE-2019 - 7101 , CVE-2019 - 7102 , CVE-2019 - 7103 , CVE-2019 - 7104 — are decisive job of memory putrescence which can be put to death to arbitrary codification . The forbidden - of - leaping record and utilise - after - liberal defect can guide to datum outflow or arbitrary encipher deployment .