Adobe patched 11 vulnerabilities in its web design tools

Adobe’s new set of planned patches turned out to be very modest: the company patched vulnerabilities in its tools for web design and work with media content. The developers cumulatively fixed 11 vulnerabilities in four applications for Windows and macOS from the Creative Cloud suite.

There is currently no data on the use of new problems in malicious attacks. All updates are assigned priority 3, that is, they can be installed on time at their discretion.

Adobe has released a relatively small patch update that addresses vulnerabilities in four products including out-of-bounds and memory corruption issues leading to arbitrary code execution”, — comment developers on updates to ZDNet.

Three vulnerabilities are closed in Adobe Illustrator CC 2019, a program for working with vector graphics. Two of the problems are recognized as critical; according to the Adobe bulletin, both of them allow executing third-party code with the rights of the current user through violation of the integrity of the memory. The third, less dangerous problem threatens to spoof the DLL and execute malicious code with elevated privileges. Product users are encouraged to upgrade to version 24.0.

Read also: Microsoft experts examined real attempts to exploit BlueKeep

A critical vulnerability was identified in the media processing application Adobe Media Encoder.

“On Tuesday, Adobe’s security advisories list Media Encoder as the main recipient of security fixes”, — reports ZDNet.

The problem is due to a writing error outside the buffer, which can be used to execute arbitrary code. Four more bugs in this software were rated as “substantial”; all of them are caused by the ability to read outside an allocated in memory buffer and threaten the disclosure of confidential data.

Patches for new vulnerabilities are included in software release 14.0.

Two significant vulnerabilities have been patched in the Adobe Bridge CC web and video project digital asset management tool. Both are caused by a violation of the integrity of the memory and in the case of operation can lead to unauthorized disclosure of information. Problems are solved by installing update 10.0.

In the program for creating graphic projects Adobe Animate CC 2019, was fixed a bug that threatened to hijack a DLL in order to execute a malicious version with high privileges. Windows and macOS users are encouraged to upgrade to version 20.0.

William Reddy

I am from Ireland. My parents bought me a computer when I was 11, and several month after I have got a virus on this PC. I decided to enter the INSA Centre Val de Loire university after being graduated from the school. This French educational institution was offering a brand-new cybersecurity course. After getting the master degree in cybersecurity, I've started working in as virus analyst in a little anti-malware vendor. In 2018, I've decided to start Virus Removal project. The main target of this site is to help people to deal with PC viruses of any kind.

Leave a Reply

Your email address will not be published. Required fields are marked *


Back to top button