Friday, January 22, 02:06
Home security Adobe releases patches and fixes critical vulnerabilities!

Adobe releases patches and fixes critical vulnerabilities!

Adobe's first major security update team in 2021 fixes seven critical bugs that could lead to arbitrary code execution.

On Tuesday, the giant company released separate security advisories that describe the vulnerabilities it solved in seven products. The affected software are Photoshop, Illustrator, Animate, Bridge, InCopy, Captivate and Campaign Classic.

The first security fix has been applied to Photoshop image creation software on Windows computers and MacOS. Critical buffer overflow error (CVE-2021-21006) can be used to cause arbitrary code execution.

Adobe Illustrator, on Windows computers, is the subject of its second patch company. The critical error, CVE-2021-21007, is described as an uncontrolled "search path element" error that can also lead to code execution.

The third critical problem, discovered in Adobe Animate on Windows computers, is the same security flaw as above and has the same concequenses. This vulnerability is referred to as CVE-2021-21008.

Adobe Bridge, which is used to transfer and switch content between different formats software As between Photoshop and Lightroom Is subject to correction for CVE-2021-21012 and CVE-2021-21013, leading to arbitrary code execution.

Another uncontrolled "search path element" vulnerability was found in Adobe InCopy, referred to as CVE-2021-21010. And this error can used for malicious code execution.

In Adobe Campaign Classic, on Windows and Linux computers, the company encountered a critical flaw in CVE-2021-21009 SSRF which can be utilized for the purpose of revealing sensitive information.

A hotfix has also been issued for CVE-2021-21011, an uncontrolled search path element element that is considered to be significant and found in Adobe Captivate-based versions of Windows. If exploited, the vulnerability could lead to escalation of privileges.

Users are advised to receive automatic updates, where required, to update their devices and stay protected.

Source of information: zdnet.com

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

Mac: How to see which model you have and when it was released

When you need support for your Mac - or want to install some kind of upgrade - you usually need to know the exact ...
00:02:35

Bill Gates: Will he work with Biden on COVID-19 / climate change?

Microsoft co-founder Bill Gates said on Twitter that he is looking forward to working with the new US President, Joe Biden, and ...

What are the rumors circulating about the iPhone 13?

Apple iPhone 13 will have a redesigned Face ID system that will have a smaller notch at the top of the screen, ...

Biden: How was the political transition in the US captured on social media?

As Joe Biden was sworn in as President of the United States, this important political transition was captured on popular social media. On January 20, ...

CentOS ceases to be supported but RHEL is offered for free

Last month, Red Hat caused a great deal of concern in the Linux world when it announced the discontinuation of CentOS Linux.

Microsoft Office 365 employee passwords leaked online!

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and ...

COSMOTE and Microsoft provide new cloud solutions for businesses

COSMOTE and Microsoft expand their cooperation, offering even more advanced and high quality cloud solutions, in large and small ...

Cyber ​​attacks in Eastern Europe are on the rise!

The cyber-attacks that have taken place in many US government agencies and companies in recent months have caused concern in the developing countries of ...

Tesla reduces the prices of the Model 3 in Europe

Tesla has reduced the prices of the Model 3 in many European markets, which reductions could be partly linked ...

iOS, Android, XBox users in the crosshairs of a new malvertising campaign

Recently a new malvertising campaign was discovered that targets users of mobile and other connected devices and uses effective ...