Adobe Framemaker update fixes critical vulnerability
Adobe has released security updates for Framemaker, Creative Cloud Desktop and Connect to fix eight security vulnerabilities.
David FischerWith the March Patch Day Adobe fixes a total of eight vulnerabilities in these three products: Framemaker, Creative Cloud Desktop and Connect. Half of these vulnerabilities are classified as critical.
In Framemaker version 2019.0.8 for Windows there is a security vulnerability classified as critical (CVE-2021-21056). A cross-border memory access can be used to execute arbitrary code. An update to version 2020.0.2 helps to fix this vulnerability.
The Creative Cloud desktop application version 5.3 for Windows has three security vulnerabilites that Adobe has classified as critical. Two of these vulnerabilities are suitable for executing arbitrary code. The third vulnerability allows an attacker to obtain higher privileges. These weaknesses have been eliminated now in the new version 5.4.
Connect 11.0.5 and earlier for all platforms four vulnerabilities are fixed with the new version 11.2. One of these vulnerabilities (CVE-2021-21085) has been classified as critical. An insufficient verification of entered data can be used to execute arbitrary code. The other three vulnerabilities are classified as high risk and can be exploited to execute arbitrary JavaScript code in the browser.
About Author
David Fischer
I am a technology writer for UpdateStar, covering software, security, and privacy as well as research and innovation in information security. I worked as an editor for German computer magazines for more than a decade before starting to be a team member at UpdateStar.