Adobe next week plans to patch its ColdFusion application server to close three vulnerabilities.
The company said in an advisory that attackers are actively exploiting the bugs, which could allow an adversary to take control of the targeted server, gain increased access or steal information.
Two of the flaws, however, only impact those customers who lack password protection.
The hotfix, set to be issued 15 January, will update ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 running on Windows, Macintosh and Unix.
Meanwhile, Adobe on Tuesday expects to push out normally scheduled updates for its Reader and Acrobat software (versions 11.0 and earlier) to coincide with Microsoft's planned patches.
Adobe did not say how many vulnerabilities will be patched, but a spokeswoman said the company was not aware of any being exploited in the wild.
_(33).jpg&h=140&w=231&c=1&s=0)
_(36).jpg&h=140&w=231&c=1&s=0)
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
Melbourne Cloud & Datacenter Convention 2026
iTnews Executive Retreat - Data & AI Edition
The 2026 iAwards
_(1).jpg&h=140&w=231&c=1&s=0)
