Adobe software updates fix more than 100 security issues

Adobe has released security updates for many products. In the PDF tools of the Acrobat family alone, the manufacturer has solved more than 75 vulnerabilities.

Adobe offers security updates for Acrobat and Reader Photoshop CC, After Effects CC, Premiere Pro CC, Character Animator CC, Prelude CC, Creative Cloud Desktop and the Experience Manager. Overall there are more than 100 vulnerabilities, with more than 75 affecting their PDF tools.

The Flash Player update does not fix security vulnerabilities, but several other problems. The new Flash Player version fixes these bugs. The update should start automatically via the installed Updater. The Chrome browser takes care of that and Microsoft browsers receive the update via the Windows Update.

The Acrobat DC and Acrobat Reader DC PDF tools include more than 75 fixes, with no critical ones included. But all received an important rating, which is the second highest level. More than half of the issues are suitable for injecting and executing arbitrary code.

Updates for Photoshop CC for Windows and macOS have 34 vulnerabilities fixed. 22 of these issues where classified as critical. If an attacker succeeds in exploiting one of them, he can inject and execute arbitrary code. New versions are 19.1.9 and 20.0.6.

Adobe has closed four vulnerabilities in the Creative Cloud Desktop app. Two of the vulnerabilities where categorized as critical, including one that could allow an attacker to inject arbitrary code. Affected are versions up to 4.6.1 for Windows and macOS. The new version 4.9 fixes these issues.

In updates for Adobe Experience Manager (AEM) 6.5 and 6.4, Adobe fixes a critical vulnerability. It can enable bypassing user authentication if the Security Assertion Markup Language (SAML) is used in AEM. Hotfix 30379 fixes the issue.

You can find more information on all updates on the Adobe Security Bulletins and Advisories webpage.

about author