eNews

Adobe Patches A Number of Critical Vulnerabilities In Latest Update

Written by etrepid | Oct 28, 2020 3:00:00 PM

If you make frequent use of Adobe products, then you'll definitely want to give priority to applying the latest security update offered by the company. It's an out of band patch that impacts ten different products in the Adobe lineup and is aimed squarely at addressing a number of critical security flaws. Since this is a big update, released outside the company's normal schedule, let's start by taking a look at exactly which products are impacted.

These include:

  • Dreamweaver
  • Marketo
  • Animate
  • Illustrator
  • After Effects
  • Photoshop
  • Media Encoder
  • InDesign
  • Creative Cloud
  • Premiere Pro

Right off the bat then, if you use any of the products listed above in either a Windows or MacOS environment, this patch is for you.

As to the particulars, the updates address too many issues listed as serious or critical to go into any detail on. However, in Illustrator for example, the patch addresses seven different critical security vulnerability.

In Dreamweaver, you'll find a pair of serious issues addressed, including an uncontrolled search path element flaw, and similar bugs were addressed in Premier Pro, Photoshop, Media Encoder and Creative Cloud. On the Marketo front, the company addressed a critical cross-site scripting bug that could have allowed an attacker to deploy a poisoned JavaScript inside a browser section.

Where Animate is concerned, four different critical vulnerabilities were addressed, all of which could have resulted in arbitrary code execution. With InDesign, the company addressed a critical memory corruption bug.

In short, this is a massive, important update. It also didn't happen in isolation. When the company released the update, they thanked a raft of security research firms for their efforts and disclosures. Again, if you use any of the Adobe products listed above, this is a security update you won't want to miss.