Home Security Emergency Update Addressed Multiple Adobe Photoshop Vulnerabilities

Emergency Update Addressed Multiple Adobe Photoshop Vulnerabilities

by Abeerah Hashim

Adobe have issued an out-of-band update right after the Patch Tuesday update bundle. This update addressed multiple vulnerabilities across different products, including critical vulnerabilities in Adobe Photoshop.

Critical Adobe Photoshop Vulnerabilities Fixed

Adobe fixed five different critical severity vulnerabilities in Adobe Photoshop. As stated in their advisory, the bugs included two out-of-bounds read flaws (CVE-2020-9683, CVE-2020-9686) and three out-of-bounds write flaws (CVE-2020-9684, CVE-2020-9685, CVE-2020-9687).

When exploited, these bugs could allow an attacker to execute arbitrary codes on the target system in the context of the current user.

The vulnerabilities affected Adobe Photoshop CC 2019 version 20.0.9 and earlier and Photoshop 2020 version 21.2 and earlier.

Adobe subsequently patched the flaws with the release of Photoshop CC 2019 v.20.0.10 and Photoshop CC v.21.2.1.

Other Adobe Out-of-Band Updates

Alongside Photoshop, Adobe also addressed bugs in other products.

Precisely, they addressed four different critical severity bugs in Adobe Prelude. These include two out-of-bounds read vulnerabilities (CVE-2020-9677, CVE-2020-9679), and two out-of-bounds write flaws (CVE-2020-9678, CVE-2020-9680). All these bugs could allow arbitrary code execution to an attacker. Adobe fixed them with the release of Adobe Prelude 9.0.1 for Windows and macOS.

Also, they fixed three critical vulnerabilities in Adobe Bridge by releasing the product version 10.1.1.

The vulnerabilities in all these products caught Adobe’s attention after Mat Powell of Trend Micro ZDI reported about them.

Besides, following the report of a researcher with alias fatal0, Adobe patched an important severity directory traversal flaw in Adobe Reader Mobile. When exploited, the vulnerability could lead to information disclosure. Adobe addressed the bug with the release of Adobe Reader Mobile v.20.3 for Android.

For all the vulnerabilities, Adobe confirmed no active exploitation in the wild.

These updates follow the monthly scheduled updates of Adobe for July 2020.

Considering the critical nature of the bugs, all Adobe users, particularly those using Adobe Photoshop, must ensure updating their devices to the latest patched versions.

Let us know your thoughts in the comments.

The following two tabs change content below.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Source link

Related Articles

Leave a Comment

This website uses cookies to improve your experience. We will assume you are ok with this, but you can opt-out if you wish. Accept Read More

%d bloggers like this: