An update released by Adobe for its Connect web conferencing software addresses over two dozen functionality bugs and one security flaw.
The vulnerability, tracked as CVE-2016-4118, affects Adobe Connect 9.5.2 and earlier for Windows. The flaw has a priority rating of 3 because Connect is a product that historically has not been targeted by malicious actors.
The security hole, reported by Anand Bhat, is an untrusted search path issue affecting the Connect add-in installer. Malicious hackers could exploit the vulnerability to launch DLL loading attacks.
Read More Securityweek