Adobe Patches Big Batch of Critical-Severity Software Flaws

Adobe Patches Big Batch of Critical-Severity Software Flaws

Posted on By CWS

Software program maker Adobe has launched patches for at the least 39 vulnerabilities throughout a variety of merchandise alongside warnings about distant code execution exploit dangers.

The Patch Tuesday rollout is headlined by a serious Adobe ColdFusion replace that addresses a large swatch of code execution and privilege escalation assaults.

The Adobe ColdFusion bulletin paperwork 7 distinct vulnerabilities marked as “essential” and Adobe warned that these “might result in arbitrary file system learn, arbitrary code execution and privilege escalation.  The essential bugs carry a CVSS severity rating of 9.1/10.

The broadly deployed Adobe Photoshop software program was additionally up to date to repair three critical-severity bugs with code execution dangers and the corporate additionally flagged a essential bug in Adobe Illustrator that needs to be patched with urgency.

The corporate additionally fastened essential, code execution software program defects in Adobe Lightroom, Adobe Dreamweaver, Adobe Join and Adobe InDesign and confirmed that profitable exploitation might result in arbitrary code execution and software denial-of-service assaults.

The corporate additionally flagged critical-severity bugs in Adobe Substance 3D Painter, Adobe Bridge and Adobe Dimension. 

The Adobe patches landed on the identical day Microsoft known as consideration to 5 zero-days being exploited within the wild. Redmond’s safety response staff warned that malicious hackers are already exploiting bugs within the Microsoft Scripting Engine and the oft-targeted Home windows Widespread Log File System (CLFS) Driver. 

Associated: Zero-Day Assaults Spotlight One other Busy Microsoft Patch TuesdayAdvertisement. Scroll to proceed studying.

Associated: Microsoft Intros HMAC-Primarily based Mitigation for Home windows Logfile Flaws

Associated: Microsoft Patches Home windows Zero-Day Exploited by Russian Hackers

Associated: Microsoft Raises Alert for Underneath-Assault Home windows Flaw

Associated: Home windows Zero-Day Exploited in Nokoyawa Ransomware Assaults

Security Week News Tags:, , , , , ,

Related Posts

OpenSSL Vulnerabilities Allow Private Key Recovery, Code Execution, DoS Attacks OpenSSL Vulnerabilities Allow Private Key Recovery, Code Execution, DoS Attacks Security Week News
Rethinking Success in Security: Why Climbing the Corporate Ladder Isn’t Always the Goal Rethinking Success in Security: Why Climbing the Corporate Ladder Isn’t Always the Goal Security Week News
Fortinet Patches Critical Authentication Bypass Vulnerabilities Fortinet Patches Critical Authentication Bypass Vulnerabilities Security Week News
Exploited Vulnerabilities in Joomla and LiteSpeed Uncovered Exploited Vulnerabilities in Joomla and LiteSpeed Uncovered Security Week News
Investor Lawsuit Over CrowdStrike Outage Dismissed Investor Lawsuit Over CrowdStrike Outage Dismissed Security Week News
Airoha Chip Vulnerabilities Expose Headphones to Takeover Airoha Chip Vulnerabilities Expose Headphones to Takeover Security Week News