Adobe's security update for January 2019 is a blue moon event with not a single security fix issued for Flash.
Instead, Adobe Connect and Digital Editions are the focus of this round of security updates.
Adobe Connect, software used for conferencing and training materials, is the first recipient of a fix. Impacting versions 9.8.1 and earlier on all platforms, a bug deemed "important," CVE-2018-19718, is a session token exposure issue which can reveal the privileges granted to a session.
Adobe Digital Editions versions 4.5.9 and below on Windows, macOS, iOS and Android systems, has received a fix for CVE-2018-12817, an out-of-bounds read vulnerability which, if exploited, can lead to information disclosure.
When it comes to Adobe's update for Flash, while the software is usually found on the list and given security updates, the latest round of patches only contain performance improvements and performance-related bug fixes for Flash versions 18.104.22.168 and earlier on Windows, macOS, Linux, and Chrome OS machines.
Last week, Adobe issued an out-of-band update which resolved two critical vulnerabilities in Adobe Acrobat and Reader.
The first flaw, CVE-2018-16011, is a use-after-free bug which, if exploited, can lead to arbitrary code execution. The second vulnerability, CVE-2018-16018, is a security bypass flaw which can be used for the purpose of privilege escalation.
In December, Adobe released an out-of-schedule patch to resolve a zero-day vulnerability found in malicious Microsoft Office documents uploaded to VirusTotal.
The security flaw, CVE-2018-15982, is capable of running on both 32 and 64-bit architectures and permits the execution of arbitrary code.