Adobe’s August Patch Tuesday release impacts Flash Player, and Acrobat DC and Reader.

Critical vulnerabilities are divided into four CVEs tied to Adobe Flash Player and Adobe InDesign CC.

Adobe fixed eight vulnerabilities across three products, Flash Player, RoboHelp for Windows, and ColdFusion, as part of its September Patch Tuesday updates.

Mike Mimoso and Tom Spring discuss this week’s security news, including a discussion on recent hijacking of popular Chrome extensions and Adobe’s decision to end-of-life Flash Player.

The impending demise of Adobe Flash will create legacy challenges similar to Windows XP as companies begin to wean themselves off the vulnerable code base.

One of Tuesday’s Flash Player patches was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.

Adobe only fixed six vulnerabilities in two products, making it the company’s smallest security bulletin of the year.

Adobe fixed eight vulnerabilities, seven critical, in Flash Player and Adobe Experience Manager (AEM) Forms product as part of its regularly scheduled updates Tuesday morning.

Researchers have found a phony Flash Player download for Android that installs banking malware and steals banking credentials.

Google today disclosed the existence of a Windows zero-day vulnerability under attack. The flaw was reported to Microsoft 10 days ago; Microsoft says the disclosure puts users at risk.