Adobe patches Business Logic error in Flash

This Patch Tuesday is minimal, with only one bug resolved.
Written by Charlie Osborne, Contributing Writer

Video: A brief history of Adobe Flash

In a rare turn of events, Adobe has only needed to resolve one vulnerability during December's Patch Tuesday.


According to the tech giant's security advisory, the lone "Business Logic error" bug, CVE-2017-11305, is a moderately dangerous vulnerability.

"This update addresses a regression that could lead to the unintended reset of the global settings preference file," Adobe says.

The vulnerability impacts Adobe Flash and Adobe Flash for Google Chrome on Windows, Mac, Linux, and Chrome OS, as well as Adobe Flash for Microsoft Edge and Internet Explorer 11 on Windows 8.1 and 10.

Granted a priority rating of 2, Adobe has not received reports of the vulnerability being exploited in the wild.

See also: Adobe accidentally releases private PGP key

In November, Adobe patched 67 vulnerabilities, many of them critical. The bugs impacted Adobe Flash, Acrobat, and Reader, as well as other software.

In total, five vulnerabilities were fixed in Flash, all of which were deemed critical. The out-of-bounds read and use-after-free security flaws, if exploited, could lead to remote code execution.

Cross-site scripting (XSS) vulnerabilities, type confusion issues, buffer problems, and memory corruption vulnerabilities were also fixed in other software.

In the same Patch Tuesday, Microsoft issued fixes for over 30 vulnerabilities in software including the Microsoft Windows operating system, Microsoft Office, Exchange Server, and Microsoft Edge.

Best gifts: Top tech for co-workers

Related stories

Editorial standards