Important security updates have been released for several Adobe products. The developers have fixed critical vulnerabilities, among other things.

Adobe has secured Acrobat and Reader, Audition, Commerce, FrameMaker Publishing Server, Substance 3D Designer and Substance 3D Painter against possible attacks. In the worst case, malicious code can get onto computers.

Malicious code vulnerabilities

Acrobat and Reader are vulnerable on macOS and Windows. In the according warning message, the developers classified several vulnerabilities as critical. In unspecified ways, attackers can trigger memory errors and use them to push and execute malicious code on systems. In such cases, computers are usually considered to be completely compromised. The editions Acrobat DC, Acrobat Reader DC 23.008.20533 and Acrobat 2020 and Acrobat Reader 2020 20.005.30574 are repaired.

Commerce is vulnerable on all platforms. Malicious code can be executed remotely and several vulnerabilities are considered critical. Adobe has listed the versions protected against this in an article.

Substance 3D Designer version 13.1.1 is protected against possible malicious code attacks for all platforms. This is the case with Substance 3D Painter from version 9.1.2.

FrameMaker Publishing Server is vulnerable on Windows. Version 2022.2 closes a critical malicious code gap here. A vulnerability in Audition could allow attackers' code to leak on macOS and Windows PCs. Issues 23.6.4 and 24.2 are repaired.

Further information about the vulnerabilities and threatened versions can be found in the accoring alerts:

Adobe Acrobat and Reader Adobe Commerce Substance 3D Painter Substance 3D Designer Adobe FrameMaker Publishing Server Adobe Audition