Adobe updates Lightroom and Prelude
The updates fix four security vulnerabilities.
The security updates provided for Lightroom, Prelude and Experience Manager fix four security vulnerabilities. Adobe has also announced security updates for the PDF tools Acrobat and Acrobat Reader, which will follow later this week.
In Lightroom Classic up to and including version 10.0 for Windows, there is a security vulnerability (CVE-2020-24447) that Adobe has classified as critical. An attacker could execute arbitrary code through an uncontrolled search path element. Lightroom Classic 10.1 for Windows and Mac can help.
Up to version 9.0.1 for Windows, Prelude has a very similar vulnerability (CVE-2020-24440), which Adobe also identifies as critical. An update to Prelude 9.0.2 closes the gap. It is also available for macOS.
You can find the current Adobe Security Bulletins here.