Adobe Security Bulletin

Release date: May 23, 2016

Last updated: June 3, 2016

Vulnerability identifier: APSB16-17

Priority: 3

CVE number: CVE-2016-4118

Platform: Windows

Adobe has released a security update for the Adobe Connect Add-In for Windows. This update resolves an untrusted search path vulnerability in the Connect Add-In installer, and Adobe recommends users update their product installation using the instructions provided in the “Solution” Section below.

Product	Affected Versions	Platform
Adobe Connect Add-In	11.9.975.228 and earlier versions	Windows

Adobe recommends customers update the Connect Add-In to the newest version by following the instructions below.

Note: This issue will be automatically resolved for Hosted Connect customers once the account is upgraded to Connect 9.5.3.

Product	Updated Version	Platform	Priority rating	Availability
Adobe Connect Add-In	11.9.976.291	Windows	3	Download

This update resolves an untrusted search path vulnerability in the Connect add-in installer (CVE-2016-4118).

Adobe would like to thank Anand Bhat for reporting this issue (CVE-2016-4118) and for working with Adobe to help protect our customers.

June 3, 2016: Added clarifying details regarding the specific component impacted by CVE-2016-4118, and modified the Download URL to point to the Connect Add-in download page.

Adobe Security Bulletin

Security update available for the Adobe Connect Add-In for Windows

Summary

Affected Versions

Solution

Vulnerability Details

Acknowledgments

Revisions

Ask the Community

Contact Us