Administrators running Adobe ColdFusion are being advised to update their servers following the release of a security patch.
The company said that the update would address a handful privilege elevation in the web application server platform. The update covers both ColdFusion 9 and 10 builds for the Windows, Unix and OS X versions of the platform.
According to Adobe, the four flaws addressed in the patch could potentially allow a remote attacker to circumvent privacy controls on ColdFusion servers. In the most severe cases, an attacker would be able to assume total control over the targeted server.
Due to the nature of the vulnerabilities and because of reports that the flaws are being actively targeted in the wild, Adobe has given the patch its highest priority rating.
Adobe said that the top priority rating is usually reserved for serious flaws which are already or will likely soon be targeted in the wild.
Administrators can obtain the ColdFusion update from Adobe as a direct download. The company noted that ColdFusion 10 systems should have the "mandatory update" package installed before running the fix.
The release is the latest in what has been a busy week for security updates. Earlier this week Oracle issued a massive 86-patch security release, and the discovery of a new zero-day flaw in Java will likely necessitate another patch release in the coming days.
Small Texas cable firm alleges foul play
Facebook will join fores with UK NGOs to tackle hate speech on the social network
A survey of local authorities has found that they face challenges in the areas of data, compliance and mobility.
More than 800,000 home users could be affected