Home

Jul 27, 2020

Emergency Update Addressed Multiple Adobe Photoshop Vulnerabilities

authorarticle: Master3395
adobe.png
video: 
youtube: 
sources: 
keywords: adobe, Adobe Bridge, Adobe critical vulnerability, Adobe patch, Adobe Patch Tuesday, Adobe Photoshop, Adobe Photoshop CC, Adobe Prelude, Adobe Reader, Adobe Reader Mobile, Adobe update, Adobe vulnerability, arbitrary code execution, bug, code execution, f
Category: General
Posted by: Admin

Adobe have issued an out-of-band update right after the Patch Tuesday update bundle. This update addressed multiple vulnerabilities across different products, including critical vulnerabilities in Adobe Photoshop.

Critical Adobe Photoshop Vulnerabilities Fixed Adobe fixed five different critical severity vulnerabilities in Adobe Photoshop. As stated in their advisory, the bugs included two out-of-bounds read flaws (CVE-2020-9683, CVE-2020-9686) and three out-of-bounds write flaws (CVE-2020-9684, CVE-2020-9685, CVE-2020-9687). When exploited, these bugs could allow an attacker to execute arbitrary codes on the target system in the context of the current user. The vulnerabilities affected Adobe Photoshop CC 2019 version 20.0.9 and earlier and Photoshop 2020 version 21.2 and earlier.

Adobe subsequently patched the flaws with the release of Photoshop CC 2019 v.20.0.10 and Photoshop CC v.21.2.1. Other Adobe Out-of-Band Updates Alongside Photoshop, Adobe also addressed bugs in other products. Precisely, they addressed four different critical severity bugs in Adobe Prelude. These include two out-of-bounds read vulnerabilities (CVE-2020-9677, CVE-2020-9679), and two out-of-bounds write flaws (CVE-2020-9678, CVE-2020-9680).

All these bugs could allow arbitrary code execution to an attacker. Adobe fixed them with the release of Adobe Prelude 9.0.1 for Windows and macOS. Also, they fixed three critical vulnerabilities in Adobe Bridge by releasing the product version 10.1.1. The vulnerabilities in all these products caught Adobe’s attention after Mat Powell of Trend Micro ZDI reported about them. Besides, following the report of a researcher with alias fatal0, Adobe patched an important severity directory traversal flaw in Adobe Reader Mobile. When exploited, the vulnerability could lead to information disclosure.

Adobe addressed the bug with the release of Adobe Reader Mobile v.20.3 for Android. For all the vulnerabilities, Adobe confirmed no active exploitation in the wild. These updates follow the monthly scheduled updates of Adobe for July 2020. Considering the critical nature of the bugs, all Adobe users, particularly those using Adobe Photoshop, must ensure updating their devices to the latest patched versions. Let us know your thoughts in the comments.

authorarticle: Master3395
adobe.png
video: 
youtube: 
sources: 
keywords: adobe, Adobe Bridge, Adobe critical vulnerability, Adobe patch, Adobe Patch Tuesday, Adobe Photoshop, Adobe Photoshop CC, Adobe Prelude, Adobe Reader, Adobe Reader Mobile, Adobe update, Adobe vulnerability, arbitrary code execution, bug, code execution, f

Comments:

comments powered by Disqus

Return

Sponsored Ads:

Discord

Page 1 of 548  >  >>

Disgruntled Researcher Drops Two Tor (0Days?) Vulnerabilities – Promises More Soon!

Tor.jpg

Aug 5, 2020 | Category: General | Comments

An angry researcher has dropped two Tor vulnerabilities (he calls them 0day) for similar reasons. He also pledges to drop more such bugs in the days to come.

read more…

We've been waiting for years for this Xbox enhancement

xbox.webp

Aug 4, 2020 | Category: General | Comments

This is how the new game store on Xbox Series X will be.

read more…

Numerous Malicious Photo Blur Apps Appeared On Play Store

google.jpg

Aug 3, 2020 | Category: Google | Comments

Researchers spotted numerous malicious photo blur apps targeting Android users.

These apps actually constituted a dedicated campaign targeting users with adware. While Google removed the apps, make sure you don’t have them on your devices too.

read more…

Page 1 of 548  >  >>