07-21-2020 , 09:44 PM
Quote:Adobe has released security updates to address twelve critical vulnerabilities in Adobe Photoshop, Adobe Prelude, and Adobe Bridge that could allow attackers to execute arbitrary code on Windows devices.
In addition to the code execution vulnerabilities, a information disclosure bug was fixed in Adobe Reader Mobile for Android users.
The arbitrary code execution vulnerabilities are all 'Out-of-bounds write' and 'Out-of-bounds read' bugs in Windows versions that could allow arbitrary code execution in the security context of the logged in user.
For users who are running as a standard Windows users, and not an administrative account, the impact of these vulnerabilities are greatly restricted unless chained with another vulnerability that elevates privileges.
Adobe advises users to update the vulnerable apps to the latest versions to block attacks attempting to exploit unpatched installations.
APSB20-44 Security update available for Adobe Bridge
Adobe has released a security update for a critical vulnerability in Adobe Bridge that could allow remote code execution in the security context of the current user.
If a user is has standard privileges on the Windows machine, the risks will significantly be reduced.
Windows users should install Adobe Bridge 10.1.1 to fix this critical vulnerability.
APSB20-45 Security update available for Adobe Photoshop
Adobe has published security updates for Photoshop CC 2019 and Photoshop CC that resolves Out-of-bounds read and writes that could lead to remote code execution.
If a user is has standard privileges on the Windows machine, the risks will significantly be reduced.
Users should install Photoshop CC 2019 20.0.10 or Photoshop CC 21.2.1 to fix these important severity flaws.
![[Image: uoFADfu.png]](https://i.imgur.com/uoFADfu.png)
![[Image: gLGdK6T.png]](https://i.imgur.com/gLGdK6T.png)
Continue reading HERE