Adobe recently announced security fixes for its various products, including Photoshop, Acrobat, Magento, and Reader. Their standard patch set solved complex but critical issues in their various software solutions.
(Photo: Youtube screenshot by Adobe Creative Cloud)
According to ZdNet, the first of these releases addressed concerns about which versions of Adobe Reader and Adobe Acrobat 2017 and 2020, Acrobat and Reader DC were compatible on both Windows and macOs. In total, these software products contain approximately 23 vulnerabilities. There are 17 critical issues that have been addressed, while the rest are categorized as significant vulnerabilities. Read the summary of Adobe’s security report here.
The issues include problematic access controls, information leaks, elevation of privilege, denial of service, buffer and integer issues, and usage issues after free use that can be subject to exploitation. Many of them are critical security issues which, when left unresolved, can be a route of possible attacks.
Adobe’s security concerns affect several frequently used software products
Frequently used Adobe products have been the target of numerous security attacks. Adobe’s e-commerce platform Magento has also been the target of multiple vulnerabilities. In total, the Magento Commerce platform as well as Magento Open Source had 18 bugs ranging from moderate to critical issues.
Also read: [WARNING] Malware Deployed By Fake Breach and Adobe Flash Update Notifs: Google Alerts Identified Compromised Fake Websites Created By Scammers
On the other hand, Adobe Photoshop, a popular photo editing tool was founded with five critical vulnerabilities on both macOs and Windows. Again, these security issues can be exploited through code execution and are described as buffer overflow issues as well as read or write out of bounds overflow issues. The same similar issues are found on Adobe Illustrator, which are out of bounds vulnerabilities labeled CVE-2021-21053 and CVE-2021-21054. For Adobe Animate, write out of bounds vulnerabilities are labeled CVE-2021-21052.
For their web design software, Adobe Dreamweaver has also been the subject of information leaks. Software privacy issue CCVE-2021-21055 was offered with a single fix.
Adobe steps up security measures in 2021
Quick fixes were provided in response to these issues thanks to reports from a number of independent researchers who first updated the issue. Decathlon, Trend Micro Zero Day Initiative, and FortiGuard Labs have all taken the initiative to report the issues. In addition, a competition has solved these issues through the initiatives of the Tianfu Cup 2020 international cybersecurity competition.
These vulnerabilities are now corrected for Windows and macOS users. It wasn’t until the last month that Adobe released its first round of security updates for the year. Since then, he has already addressed several concerns from Bridge, Campaign Classic, Photoshop and Illustrator. As more and more users favor the use of these software products, Adobe has also stepped up its measures to ensure that none of them would be an avenue of exploitation.
Associated article: Adobe asks users to update Creative Cloud apps or they could face legal consequences
This article is the property of Techtimes
Written by Nikki D
2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.